GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,277
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
18 advisories
Filter by severity
Unbounded resource exhaustion in cmark-gfm autolink extension may lead to denial of service
Moderate
GHSA-4qw4-jpp4-8gvp
was published
for
commonmarker
(RubyGems)
Sep 21, 2022
Several quadratic complexity bugs may lead to denial of service in Commonmarker
Moderate
GHSA-636f-xm5j-pj9m
was published
for
commonmarker
(RubyGems)
Jan 24, 2023
unpoly-rails Denial of Service vulnerability
Moderate
CVE-2023-28846
was published
for
unpoly-rails
(RubyGems)
Mar 30, 2023
ReDoS vulnerability in parser_apache2
Moderate
CVE-2021-41186
was published
for
fluentd
(RubyGems)
Nov 1, 2021
Untrusted users can run pending migrations in production in Rails
Moderate
CVE-2020-8185
was published
for
actionpack
(RubyGems)
Jun 24, 2020
RubyGems Regular Expression Denial of Service vulnerability
Moderate
CVE-2013-4287
was published
for
rubygems-update
(RubyGems)
May 14, 2022
Rack Gem Subject to Denial of Service via Hash Collisions
Moderate
CVE-2011-5036
was published
for
org.jruby:jruby-parent
(RubyGems)
May 17, 2022
Rack rubygems receiving excessively long lines triggers out-of-memory error
Moderate
CVE-2013-0183
was published
for
rack
(RubyGems)
Oct 24, 2017
sentry-raven allows remote attackers to cause a denial of service via a large exponent value in a scientific number
Moderate
CVE-2014-9490
was published
for
sentry-raven
(RubyGems)
Oct 24, 2017
sidekiq Denial of Service vulnerability
Moderate
CVE-2023-26141
was published
for
sidekiq
(RubyGems)
Sep 14, 2023
memory leak flaw was found in ruby-magick
Moderate
CVE-2023-5349
was published
for
rmagick
(RubyGems)
Oct 30, 2023
REXML contains a denial of service vulnerability
Moderate
CVE-2024-35176
was published
for
rexml
(RubyGems)
May 16, 2024
REXML denial of service vulnerability
Moderate
CVE-2024-39908
was published
for
rexml
(RubyGems)
Jul 16, 2024
fugit parse and parse_nat stall on lengthy input
Moderate
CVE-2024-43380
was published
for
fugit
(RubyGems)
Aug 19, 2024
Potential Denial-of-Service in bindata
Moderate
CVE-2021-32823
was published
for
bindata
(RubyGems)
Jun 23, 2021
ProTip!
Advisories are also available from the
GraphQL API