GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
47 advisories
Filter by severity
fugit parse and parse_nat stall on lengthy input
Moderate
CVE-2024-43380
was published
for
fugit
(RubyGems)
Aug 19, 2024
REXML denial of service vulnerability
Moderate
CVE-2024-39908
was published
for
rexml
(RubyGems)
Jul 16, 2024
REXML contains a denial of service vulnerability
Moderate
CVE-2024-35176
was published
for
rexml
(RubyGems)
May 16, 2024
Rack has possible DoS Vulnerability with Range Header
Low
CVE-2024-26141
was published
for
rack
(RubyGems)
Feb 28, 2024
XSS sidekiq-unique-jobs UI server vulnerability
High
CVE-2024-25122
was published
for
sidekiq-unique-jobs
(RubyGems)
Feb 13, 2024
Duplicate Advisory: encoded_id-rails potential DOS vulnerability due to URIs with extremely long encoded IDs
High
GHSA-4553-hq82-8654
was published
for
encoded_id-rails
(RubyGems)
Jan 4, 2024
•
withdrawn
memory leak flaw was found in ruby-magick
Moderate
CVE-2023-5349
was published
for
rmagick
(RubyGems)
Oct 30, 2023
encoded_id-rails potential DOS vulnerability due to URIs with extremely long encoded IDs
High
CVE-2024-0241
was published
for
encoded_id-rails
(RubyGems)
Oct 24, 2023
sidekiq Denial of Service vulnerability
Moderate
CVE-2023-26141
was published
for
sidekiq
(RubyGems)
Sep 14, 2023
unpoly-rails Denial of Service vulnerability
Moderate
CVE-2023-28846
was published
for
unpoly-rails
(RubyGems)
Mar 30, 2023
Rack has possible DoS Vulnerability in Multipart MIME parsing
High
CVE-2023-27530
was published
for
rack
(RubyGems)
Mar 8, 2023
Several quadratic complexity bugs may lead to denial of service in Commonmarker
Moderate
GHSA-636f-xm5j-pj9m
was published
for
commonmarker
(RubyGems)
Jan 24, 2023
Denial of Service Vulnerability in Rack Content-Disposition parsing
Low
CVE-2022-44571
was published
for
rack
(RubyGems)
Jan 18, 2023
ReDoS based DoS vulnerability in Action Dispatch
Low
CVE-2023-22792
was published
for
actionpack
(RubyGems)
Jan 18, 2023
Denial of Service Vulnerability in ActiveRecord's PostgreSQL adapter
High
CVE-2022-44566
was published
for
activerecord
(RubyGems)
Jan 18, 2023
Denial of service via header parsing in Rack
High
CVE-2022-44570
was published
for
rack
(RubyGems)
Jan 18, 2023
Denial of service via multipart parsing in Rack
Low
CVE-2022-44572
was published
for
rack
(RubyGems)
Jan 18, 2023
Unbounded resource exhaustion in cmark-gfm autolink extension may lead to denial of service
Moderate
GHSA-4qw4-jpp4-8gvp
was published
for
commonmarker
(RubyGems)
Sep 21, 2022
Denial of Service Vulnerability in Rack Multipart Parsing
High
CVE-2022-30122
was published
for
rack
(RubyGems)
May 27, 2022
Publify vulnerable to DoS attack
High
CVE-2014-3211
was published
for
publify_core
(RubyGems)
May 17, 2022
Rack Gem Subject to Denial of Service via Hash Collisions
Moderate
CVE-2011-5036
was published
for
org.jruby:jruby-parent
(RubyGems)
May 17, 2022
RubyGems Regular Expression Denial of Service vulnerability
Moderate
CVE-2013-4287
was published
for
rubygems-update
(RubyGems)
May 14, 2022
Puppet Denial of Service and Arbitrary File Write
Low
CVE-2012-1987
was published
for
puppet
(RubyGems)
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API