GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,277
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
78 advisories
Filter by severity
Hyperledger indy-node vulnerable to denial of service
High
CVE-2022-31006
was published
for
indy-node
(pip)
Sep 16, 2022
OpenStack Cinder, Glance, and Nova contain Uncontrolled Resource Consumption
High
CVE-2015-5162
was published
for
cinder
(pip)
May 14, 2022
Apache MXNet vulnerable to potential denial-of-service by excessive resource consumption
High
CVE-2022-24294
was published
for
mxnet
(pip)
Jul 25, 2022
Uncontrolled Resource Consumption in asyncua and opcua
High
CVE-2022-25304
was published
for
asyncua
(pip)
Aug 24, 2022
Uncontrolled Resource Consumption in Apache DolphinScheduler
High
CVE-2022-25598
was published
for
apache-dolphinscheduler
(Maven)
Mar 31, 2022
opentelemetry-instrumentation Denial of Service vulnerability due to unbound cardinality metrics
High
CVE-2023-43810
was published
for
opentelemetry-instrumentation
(pip)
Oct 2, 2023
Duplicate Advisory: Starlette Content-Type Header ReDoS
High
GHSA-93gm-qmq6-w238
was published
for
starlette
(pip)
Feb 5, 2024
•
withdrawn
Duplicate Advisory: FastAPI Content-Type Header ReDoS
High
GHSA-qf9m-vfgh-m389
was published
for
fastapi
(pip)
Feb 5, 2024
•
withdrawn
Scrapy denial of service vulnerability
High
CVE-2017-14158
was published
for
scrapy
(pip)
May 17, 2022
OpenStack Nova DoS by rebuilding the same instance with a new image multiple times
High
CVE-2017-17051
was published
for
nova
(pip)
May 13, 2022
h2o vulnerable to unexpected POST request shutting down server
High
CVE-2024-5979
was published
for
h2o
(pip)
Jun 27, 2024
OpenStack Storlets arbitrary code execution vulnerability
High
CVE-2024-28717
was published
for
storlets
(pip)
Apr 22, 2024
Fiona affected by CVE-2020-14152 related to madler-zlib
High
GHSA-g4m4-9q4c-mfw6
was published
for
fiona
(pip)
Jul 16, 2024
regular expression denial-of-service (ReDoS) in Bleach
High
CVE-2020-6817
was published
for
bleach
(pip)
Mar 30, 2020
Apache Airflow denial of service vulnerability
High
CVE-2023-37379
was published
for
apache-airflow
(pip)
Aug 23, 2023
Apache IoTDB subject to ReDOS with Java 8
High
CVE-2022-43766
was published
for
apache-iotdb
(Maven)
Oct 26, 2022
Apprise vulnerable to regex injection with IFTTT Plugin
High
CVE-2021-39229
was published
for
apprise
(pip)
Sep 20, 2021
Regular Expression Denial of Service in CairoSVG
High
CVE-2021-21236
was published
for
CairoSVG
(pip)
Jan 6, 2021
Django Regex Algorithmic Complexity Causes Denial of Service
High
CVE-2009-3695
was published
for
Django
(pip)
May 2, 2022
Django Image Field Vulnerable to Image Decompression Bombs
High
CVE-2012-3443
was published
for
Django
(pip)
May 17, 2022
Django denial of service via file upload naming
High
CVE-2014-0481
was published
for
Django
(pip)
May 14, 2022
Django Denial of Service Vulnerability in the authentication framework
High
CVE-2013-1443
was published
for
Django
(pip)
May 17, 2022
Django ReDoS in validators.URLValidator
High
CVE-2015-5145
was published
for
Django
(pip)
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API