Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,778
Erlang
35
GitHub Actions
29
Go
2,332
Maven
5,000+
npm
3,966
NuGet
713
pip
3,759
Pub
12
RubyGems
921
Rust
975
Swift
38
Unreviewed advisories
All unreviewed
5,000+

250 advisories

Loading
jsx-slack insufficient patch for CVE-2021-43838 ReDoS Moderate
CVE-2021-43843 was published for jsx-slack (npm) Jan 6, 2022
hieki
Regular Expression Denial of Service (ReDoS) in jsx-slack Low
CVE-2021-43838 was published for jsx-slack (npm) Dec 17, 2021
hieki
Prototype pollution in paypal-adaptive Moderate
CVE-2020-7643 was published for paypal-adaptive (npm) Dec 10, 2021
Improper Input Validation in is-email High
CVE-2021-36716 was published for is-email (npm) Dec 10, 2021
Uncontrolled Resource Consumption in strapi Moderate
CVE-2020-8123 was published for strapi-admin (npm) Dec 10, 2021
J3rry-1729
modern-async's `forEachSeries` and `forEachLimit` functions do not limit the number of requests High
CVE-2021-41167 was published for modern-async (npm) Oct 21, 2021
Regular Expression Denial of Service in jsoneditor Moderate
CVE-2021-3822 was published for jsoneditor (npm) Sep 29, 2021
Regular Expression Denial of Service in millisecond Moderate
GHSA-m489-xr35-fjxr was published for millisecond (npm) Sep 22, 2021
Denial of Service in node-static Moderate
GHSA-8r4g-cg4m-x23c was published for node-static (npm) Sep 22, 2021
prismjs Regular Expression Denial of Service vulnerability Moderate
CVE-2021-3801 was published for prismjs (npm) Sep 20, 2021
semver-regex Regular Expression Denial of Service (ReDOS) High
CVE-2021-3795 was published for semver-regex (npm) Sep 20, 2021
Inefficient Regular Expression Complexity in vuelidate High
CVE-2021-3794 was published for @vuelidate/validators (npm) Sep 20, 2021
madcatone
tmpl vulnerable to Inefficient Regular Expression Complexity which may lead to resource exhaustion High
CVE-2021-3777 was published for tmpl (npm) Sep 20, 2021
Uncontrolled Resource Consumption in trim-off-newlines Moderate
CVE-2021-23425 was published for trim-off-newlines (npm) Sep 2, 2021
Uncontrolled Resource Consumption in ansi-html High
CVE-2021-23424 was published for ansi-html (npm) Sep 2, 2021
Diddern
Uncontrolled Resource Consumption in transpile Moderate
CVE-2021-23429 was published for transpile (npm) Sep 2, 2021
axios Inefficient Regular Expression Complexity vulnerability High
CVE-2021-3749 was published for axios (npm) Sep 1, 2021
Unlimited transforms allowed for signed nodes Moderate
CVE-2021-39171 was published for passport-saml (npm) Aug 30, 2021
pp-ps
Regular Expression Denial of Service in path-parse Moderate
CVE-2021-23343 was published for path-parse (npm) Aug 10, 2021
Denial of Service in SheetJS Pro Moderate
CVE-2021-32012 was published for org.webjars.npm:xlsx (Maven) Jul 22, 2021
Denial of Service in SheetsJS Pro Moderate
CVE-2021-32013 was published for org.webjars.npm:xlsx (Maven) Jul 22, 2021
Denial of Service in SheetJS Pro Moderate
CVE-2021-32014 was published for org.webjars.npm:xlsx (Maven) Jul 22, 2021
Regular expression denial of service in react-native High
CVE-2020-1920 was published for react-native (npm) Jul 20, 2021
Resource exhaustion in socket.io-parser High
CVE-2020-36049 was published for socket.io-parser (npm) Jun 30, 2021
Regular Expression Denial of Service (ReDoS) in Prism High
CVE-2021-32723 was published for prismjs (npm) Jun 28, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database