GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
947 advisories
Inefficient Regular Expression Complexity in nltk (word_tokenize, sent_tokenize)
High
CVE-2021-43854
was published
for
nltk
(pip)
Jan 6, 2022
Regular Expression Denial of Service (ReDoS) in jsx-slack
Low
CVE-2021-43838
was published
for
jsx-slack
(npm)
Dec 17, 2021
Uncontrolled Resource Consumption in strapi
Moderate
CVE-2020-8123
was published
for
strapi-admin
(npm)
Dec 10, 2021
Remote code injection in Log4j
Critical
CVE-2021-44228
was published
for
com.guicedee.services:log4j-core
(Maven)
Dec 10, 2021
Infinite certificate chain depth results in OctoRPKI running forever
Moderate
CVE-2021-3908
was published
for
github.com/cloudflare/cfrpki
(Go)
Nov 10, 2021
Infinite open connection causes OctoRPKI to hang forever
Moderate
CVE-2021-3909
was published
for
github.com/cloudflare/cfrpki
(Go)
Nov 10, 2021
ReDoS vulnerability in parser_apache2
Moderate
CVE-2021-41186
was published
for
fluentd
(RubyGems)
Nov 1, 2021
Denial of service in DataCommunicator class in Vaadin 8
Moderate
CVE-2021-33609
was published
for
com.vaadin:vaadin-server
(Maven)
Oct 13, 2021
Apprise vulnerable to regex injection with IFTTT Plugin
High
CVE-2021-39229
was published
for
apprise
(pip)
Sep 20, 2021
Inefficient Regular Expression Complexity in vuelidate
High
CVE-2021-3794
was published
for
@vuelidate/validators
(npm)
Sep 20, 2021
ProTip!
Advisories are also available from the
GraphQL API