GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,941
Erlang
29
GitHub Actions
16
Go
1,722
Maven
4,952
npm
3,481
NuGet
605
pip
3,049
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+
226 advisories
Filter by severity
Denial of Service (DoS) via the unsetByPath function in jsjoints
High
CVE-2020-28479
was published
for
jointjs
(npm)
Apr 13, 2021
Prototype Pollution in asciitable.js
Critical
CVE-2020-7771
was published
for
asciitable.js
(npm)
Apr 13, 2021
Uncontrolled Resource Consumption in rdf-graph-array
Moderate
CVE-2019-10798
was published
for
rdf-graph-array
(npm)
Apr 13, 2021
Regular Expression Denial of Service (ReDoS) in es6-crawler-detect
Moderate
CVE-2020-28501
was published
for
es6-crawler-detect
(npm)
Apr 13, 2021
Denial of Service in get-ip-range
High
CVE-2021-27191
was published
for
get-ip-range
(npm)
Apr 13, 2021
Regular expression Denial of Service in multiple packages
Moderate
CVE-2021-21391
was published
for
@ckeditor/ckeditor5-engine
(npm)
Apr 6, 2021
Regular Expression Denial of Service (ReDoS)
High
CVE-2021-28092
was published
for
is-svg
(npm)
Mar 19, 2021
Regular Expression Denial of Service (ReDoS)
High
CVE-2021-27290
was published
for
ssri
(npm)
Mar 19, 2021
printf vulnerable to Regular Expression Denial of Service (ReDoS)
High
CVE-2021-23354
was published
for
printf
(npm)
Mar 19, 2021
Regular Expression Denial-of-Service in npm schema-inspector
High
CVE-2021-21267
was published
for
schema-inspector
(npm)
Mar 19, 2021
html-parse-stringify and html-parse-stringify2 vulnerable to Regular expression denial of service (ReDoS)
Moderate
CVE-2021-23346
was published
for
html-parse-stringify
(npm)
Mar 18, 2021
jspdf vulnerable to Regular Expression Denial of Service (ReDoS)
High
CVE-2021-23353
was published
for
jspdf
(npm)
Mar 12, 2021
Regular expression Denial of Service in @progfay/scrapbox-parser
Moderate
CVE-2021-27405
was published
for
@progfay/scrapbox-parser
(npm)
Mar 1, 2021
Regular Expression Denial of Service (REDoS) in Marked
Moderate
CVE-2021-21306
was published
for
marked
(npm)
Feb 8, 2021
Prototype pollution in nested-object-assign
High
CVE-2021-23329
was published
for
nested-object-assign
(npm)
Feb 1, 2021
CKEditor 5 Markdown plugin Regular expression Denial of Service
Moderate
CVE-2021-21254
was published
for
@ckeditor/ckeditor5-markdown-gfm
(npm)
Jan 29, 2021
ProTip!
Advisories are also available from the
GraphQL API