GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,330 advisories
Regular Expression Denial of Service in path-parse
Moderate, CVE-2021-23343 was published for path-parse (npm), Aug 10, 2021

Regular Expression Denial of Service in System.Text.RegularExpressions
High, CVE-2019-0820 was published for System.Text.RegularExpressions (NuGet), Aug 4, 2021

github.com/pires/go-proxyproto vulnerable to DoS via Connection descriptor exhaustion
High, CVE-2021-23409 was published for github.com/pires/go-proxyproto (Go), Jul 26, 2021

Denial of Service in SheetJS Pro
Moderate, CVE-2021-32012 was published for org.webjars.npm:xlsx (Maven), Jul 22, 2021

Denial of Service in SheetsJS Pro
Moderate, CVE-2021-32013 was published for org.webjars.npm:xlsx (Maven), Jul 22, 2021

Denial of Service in SheetJS Pro
Moderate, CVE-2021-32014 was published for org.webjars.npm:xlsx (Maven), Jul 22, 2021

Regular expression denial of service in react-native
High, CVE-2020-1920 was published for react-native (npm), Jul 20, 2021

Regular Expression Denial of Service in Addressable templates
High, CVE-2021-32740 was published for addressable (RubyGems), Jul 12, 2021

Resource Exhaustion in Spring Security
High, CVE-2021-22119 was published for org.springframework.security:spring-security-core (Maven), Jul 2, 2021

Resource exhaustion in socket.io-parser
High, CVE-2020-36049 was published for socket.io-parser (npm), Jun 30, 2021

Denial of Service in miekg-dns
High, CVE-2017-15133 was published for github.com/miekg/dns (Go), Jun 29, 2021

Denial of service in github.com/ethereum/go-ethereum
Moderate, CVE-2020-26264 was published for github.com/ethereum/go-ethereum (Go), Jun 29, 2021

Denial of service in geth
Moderate, CVE-2020-26242 was published for github.com/ethereum/go-ethereum (Go), Jun 29, 2021

Regular Expression Denial of Service (ReDoS) in Prism
High, CVE-2021-32723 was published for prismjs (npm), Jun 28, 2021

Potential Denial-of-Service in bindata
Low, CVE-2021-32823 was published for bindata (RubyGems), Jun 23, 2021

Denial of service in GJSON
High, CVE-2020-35380 was published for github.com/tidwall/gjson (Go), Jun 23, 2021

Uncontrolled Resource Consumption in Apache OpenMeetings server
High, CVE-2021-27576 was published for org.apache.openmeetings:openmeetings-parent (Maven), Jun 16, 2021

Uncontrolled Resource Consumption in JPA Server in HAPI FHIR
Moderate, CVE-2021-32053 was published for ca.uhn.hapi.fhir:hapi-fhir-jpaserver-base (Maven), Jun 16, 2021

Uncontrolled Resource Consumption in locutus
High, CVE-2021-23392 was published for locutus (npm), Jun 10, 2021

Uncontrolled Resource Consumption in XNIO
Moderate, CVE-2020-14340 was published for org.jboss.xnio:xnio-nio (Maven), Jun 8, 2021

Uncontrolled Resource Consumption in Pillow
High, CVE-2021-28677 was published for Pillow (pip), Jun 8, 2021

Uncontrolled Resource Consumption in trim-newlines
High, CVE-2021-33623 was published for trim-newlines (npm), Jun 7, 2021
ProTip! Advisories are also available from the GraphQL API.