GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
809 advisories
Filter by severity
Unbounded resource exhaustion in cmark-gfm autolink extension may lead to denial of service
Moderate
GHSA-4qw4-jpp4-8gvp
was published
for
commonmarker
(RubyGems)
Sep 21, 2022
Keycloak vulnerable to uncontrolled resource consumption
High
CVE-2014-3651
was published
for
org.keycloak:keycloak-core
(Maven)
Oct 18, 2018
Regular Expression Denial of Service
Moderate
GHSA-6394-6h9h-cfjg
was published
for
nwmatcher
(npm)
Jun 7, 2019
Regular Expression Denial of Service (ReDoS) in lodash
Moderate
CVE-2019-1010266
was published
for
lodash
(npm)
Jul 19, 2019
Denial of Service in js-yaml
Moderate
GHSA-2pr6-76vf-7546
was published
for
js-yaml
(npm)
Jun 5, 2019
Prototype Pollution in @apollo/gateway
High
GHSA-74cr-77xc-8g6r
was published
for
@apollo/gateway
(npm)
Jun 13, 2019
Prototype Pollution in lutils-merge
Moderate
GHSA-f7qw-5pvg-mmwp
was published
for
lutils-merge
(npm)
Jun 13, 2019
Prototype Pollution in upmerge
Moderate
GHSA-gm9g-2g8v-fvxj
was published
for
upmerge
(npm)
Jun 6, 2019
Regular Expression Denial of Service in underscore.string
Moderate
GHSA-v2p6-4mp7-3r9v
was published
for
underscore.string
(npm)
Jun 14, 2019
Regular Expression Denial of Service
Moderate
GHSA-qx4v-6gc5-f2vv
was published
for
esm
(npm)
Jun 20, 2019
Denial of Service in url-relative
Moderate
GHSA-86p3-4gfq-38f2
was published
for
url-relative
(npm)
Jun 5, 2019
Regular Expression Denial of Service in braces
Low
GHSA-g95f-p29q-9xw4
was published
for
braces
(npm)
Jun 6, 2019
Denial of Service in rgb2hex
Moderate
GHSA-65p8-3hm4-h9h8
was published
for
rgb2hex
(npm)
Aug 23, 2019
Regular Expression Denial of Service in Acorn
High
GHSA-6chw-6frg-f759
was published
for
acorn
(npm)
Apr 3, 2020
Regular Expression Denial of Service in websocket-extensions (NPM package)
High
CVE-2020-7662
was published
for
websocket-extensions
(npm)
Jun 5, 2020
Regular Expression Denial of Service in negotiator
High
CVE-2016-10539
was published
for
negotiator
(npm)
Oct 9, 2018
Regular Expression Denial of Service in ssri
Moderate
CVE-2018-7651
was published
for
ssri
(npm)
Mar 7, 2018
DoS due to excessively large websocket message in ws
High
CVE-2016-10542
was published
for
ws
(npm)
Feb 18, 2019
Denial-of-Service Extended Event Loop Blocking in qs
High
CVE-2014-10064
was published
for
qs
(npm)
Oct 9, 2018
Denial of Service in mqtt-packet
High
CVE-2016-10523
was published
for
mqtt-packet
(npm)
Feb 18, 2019
ProTip!
Advisories are also available from the
GraphQL API