GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,626
Erlang
29
GitHub Actions
16
Go
1,698
Maven
4,936
npm
3,466
NuGet
601
pip
2,975
Pub
10
RubyGems
826
Rust
767
Swift
34
Unreviewed advisories
All unreviewed
5,000+
208 advisories
Filter by severity
string-kit Inefficient Regular Expression Complexity vulnerability
High
CVE-2021-4299
was published
for
string-kit
(npm)
Jan 2, 2023
rgb2hex vulnerable to inefficient regular expression complexity
High
CVE-2018-25061
was published
for
rgb2hex
(npm)
Dec 31, 2022
markdown-it vulnerable to Inefficient Regular Expression Complexity
High
CVE-2015-10005
was published
for
markdown-it
(npm)
Dec 27, 2022
email-existence Inefficient Regular Expression Complexity vulnerability
High
CVE-2018-25049
was published
for
email-existence
(npm)
Dec 27, 2022
pypa/wheel vulnerable to Regular Expression denial of service (ReDoS)
High
CVE-2022-40898
was published
for
wheel
(pip)
Dec 23, 2022
pypa/setuptools vulnerable to Regular Expression Denial of Service (ReDoS)
High
CVE-2022-40897
was published
for
setuptools
(pip)
Dec 23, 2022
Inefficient Regular Expression Complexity in rails-html-sanitizer
High
CVE-2022-23517
was published
for
rails-html-sanitizer
(RubyGems)
Dec 13, 2022
Inefficient Regular Expression Complexity in Loofah
High
CVE-2022-23514
was published
for
loofah
(RubyGems)
Dec 13, 2022
Inefficient Regular Expression Complexity in Liferay Portal
High
CVE-2022-42124
was published
for
com.liferay.portal:release.portal.bom
(Maven)
Nov 15, 2022
pymatgen is vulnerable to Regular Expression Denial of Service (ReDoS)
Moderate
CVE-2022-42964
was published
for
pymatgen
(pip)
Nov 10, 2022
snowflake-connector-python is vulnerable to Regular Expression Denial of Service (ReDoS)
Moderate
CVE-2022-42965
was published
for
snowflake-connector-python
(pip)
Nov 10, 2022
cleo is vulnerable to Regular Expression Denial of Service (ReDoS)
Moderate
CVE-2022-42966
was published
for
cleo
(pip)
Nov 10, 2022
kangax html-minifier REDoS vulnerability
High
CVE-2022-37620
was published
for
html-minifier
(npm)
Oct 31, 2022
Inefficient Regular Expression Complexity in shescape
High
CVE-2022-25918
was published
for
shescape
(npm)
Oct 25, 2022
ReDoS in py library when used with subversion
High
CVE-2022-42969
was published
for
py
(pip)
Oct 16, 2022
loader-utils is vulnerable to Regular Expression Denial of Service (ReDoS) via url variable
High
CVE-2022-37603
was published
for
loader-utils
(npm)
Oct 14, 2022
loader-utils is vulnerable to Regular Expression Denial of Service (ReDoS)
High
CVE-2022-37599
was published
for
loader-utils
(npm)
Oct 12, 2022
Dell Wyse ThinOS 2205 contains a Regular Expression Denial of Service Vulnerability in UI. An...
Moderate
Unreviewed
CVE-2022-34402
was published
Oct 11, 2022
v8n vulnerable to Inefficient Regular Expression Complexity
High
CVE-2022-35923
was published
for
v8n
(npm)
Oct 7, 2022
react-native-reanimated vulnerable to ReDoS
High
CVE-2022-24373
was published
for
react-native-reanimated
(npm)
Oct 1, 2022
Dell Hybrid Client prior to version 1.8 contains a Regular Expression Denial of Service...
Low
Unreviewed
CVE-2022-34428
was published
Oct 1, 2022
steal Inefficient Regular Expression Complexity vulnerability via string variable
High
CVE-2022-37259
was published
for
steal
(npm)
Sep 21, 2022
mako is vulnerable to Regular Expression Denial of Service
High
CVE-2022-40023
was published
for
mako
(pip)
Sep 16, 2022
ProTip!
Advisories are also available from the
GraphQL API