GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
77 advisories
Filter by severity
Regular Expression Denial of Service
Moderate
GHSA-6394-6h9h-cfjg
was published
for
nwmatcher
(npm)
Jun 7, 2019
Regular Expression Denial of Service (ReDoS) in lodash
Moderate
CVE-2019-1010266
was published
for
lodash
(npm)
Jul 19, 2019
Prototype Pollution in lutils-merge
Moderate
GHSA-f7qw-5pvg-mmwp
was published
for
lutils-merge
(npm)
Jun 13, 2019
Prototype Pollution in upmerge
Moderate
GHSA-gm9g-2g8v-fvxj
was published
for
upmerge
(npm)
Jun 6, 2019
Denial of Service in js-yaml
Moderate
GHSA-2pr6-76vf-7546
was published
for
js-yaml
(npm)
Jun 5, 2019
Regular Expression Denial of Service in underscore.string
Moderate
GHSA-v2p6-4mp7-3r9v
was published
for
underscore.string
(npm)
Jun 14, 2019
Regular Expression Denial of Service
Moderate
GHSA-qx4v-6gc5-f2vv
was published
for
esm
(npm)
Jun 20, 2019
Denial of Service in url-relative
Moderate
GHSA-86p3-4gfq-38f2
was published
for
url-relative
(npm)
Jun 5, 2019
Denial of Service in rgb2hex
Moderate
GHSA-65p8-3hm4-h9h8
was published
for
rgb2hex
(npm)
Aug 23, 2019
Regular Expression Denial of Service in ssri
Moderate
CVE-2018-7651
was published
for
ssri
(npm)
Mar 7, 2018
Denial of Service in node-sass
Moderate
GHSA-9v62-24cr-58cx
was published
for
node-sass
(npm)
Sep 11, 2020
Regular Expression Denial of Service in bleach
Moderate
CVE-2014-8881
was published
for
bleach
(npm)
Sep 1, 2020
Denial of Service in handlebars
Moderate
GHSA-f52g-6jhx-586p
was published
for
handlebars
(npm)
Sep 3, 2020
ReDOS vulnerabities: multiple grammars
Moderate
GHSA-7wwv-vh3v-89cq
was published
for
@highlightjs/cdn-assets
(npm)
Dec 4, 2020
Denial of Service in node-static
Moderate
GHSA-8r4g-cg4m-x23c
was published
for
node-static
(npm)
Sep 22, 2021
Regular Expression Denial of Service in millisecond
Moderate
GHSA-m489-xr35-fjxr
was published
for
millisecond
(npm)
Sep 22, 2021
Marked ReDoS due to email addresses being evaluated in quadratic time
Moderate
GHSA-xf5p-87ch-gxw2
was published
for
marked
(npm)
Jun 5, 2019
Regular Expression Denial of Service in slug
Moderate
CVE-2017-16117
was published
for
slug
(npm)
Jul 24, 2018
prismjs Regular Expression Denial of Service vulnerability
Moderate
CVE-2021-3801
was published
for
prismjs
(npm)
Sep 20, 2021
CKEditor 5 Markdown plugin Regular expression Denial of Service
Moderate
CVE-2021-21254
was published
for
@ckeditor/ckeditor5-markdown-gfm
(npm)
Jan 29, 2021
jsx-slack insufficient patch for CVE-2021-43838 ReDoS
Moderate
CVE-2021-43843
was published
for
jsx-slack
(npm)
Jan 6, 2022
ProTip!
Advisories are also available from the
GraphQL API