GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
947 advisories
Denial of Service in SheetJS Pro
[Moderate] CVE-2021-32014 was published for org.webjars.npm:xlsx (Maven), Jul 22, 2021

Regular expression denial of service in react-native
[High] CVE-2020-1920 was published for react-native (npm), Jul 20, 2021

Regular Expression Denial of Service in Addressable templates
[High] CVE-2021-32740 was published for addressable (RubyGems), Jul 12, 2021

Resource Exhaustion in Spring Security
[High] CVE-2021-22119 was published for org.springframework.security:spring-security-core (Maven), Jul 2, 2021

Resource exhaustion in socket.io-parser
[High] CVE-2020-36049 was published for socket.io-parser (npm), Jun 30, 2021

Denial of Service in miekg-dns
[High] CVE-2017-15133 was published for github.com/miekg/dns (Go), Jun 29, 2021

Denial of service in github.com/ethereum/go-ethereum
[Moderate] CVE-2020-26264 was published for github.com/ethereum/go-ethereum (Go), Jun 29, 2021

Denial of service in geth
[Moderate] CVE-2020-26242 was published for github.com/ethereum/go-ethereum (Go), Jun 29, 2021

Regular Expression Denial of Service (ReDoS) in Prism
[High] CVE-2021-32723 was published for prismjs (npm), Jun 28, 2021

Potential Denial-of-Service in bindata
[Moderate] CVE-2021-32823 was published for bindata (RubyGems), Jun 23, 2021

Denial of service in GJSON
[High] CVE-2020-35380 was published for github.com/tidwall/gjson (Go), Jun 23, 2021

Uncontrolled Resource Consumption in Apache OpenMeetings server
[High] CVE-2021-27576 was published for org.apache.openmeetings:openmeetings-parent (Maven), Jun 16, 2021

Uncontrolled Resource Consumption in JPA Server in HAPI FHIR
[Moderate] CVE-2021-32053 was published for ca.uhn.hapi.fhir:hapi-fhir-jpaserver-base (Maven), Jun 16, 2021

Uncontrolled Resource Consumption in locutus
[High] CVE-2021-23392 was published for locutus (npm), Jun 10, 2021

Uncontrolled Resource Consumption in XNIO
[Moderate] CVE-2020-14340 was published for org.jboss.xnio:xnio-nio (Maven), Jun 8, 2021

Uncontrolled Resource Consumption in Pillow
[High] CVE-2021-28677 was published for Pillow (pip), Jun 8, 2021

Uncontrolled Resource Consumption in trim-newlines
[High] CVE-2021-33623 was published for trim-newlines (npm), Jun 7, 2021

Regular expression denial of service in forms
[Moderate] CVE-2021-23388 was published for forms (npm), Jun 7, 2021

glob-parent vulnerable to Regular Expression Denial of Service in enclosure regex
[High] CVE-2020-28469 was published for glob-parent (npm), Jun 7, 2021

Catastrophic backtracking in URL authority parser when passed URL containing many @ characters
[High] CVE-2021-33503 was published for urllib3 (pip), Jun 1, 2021

ReDoS in Sec-Websocket-Protocol header
[Moderate] CVE-2021-32640 was published for ws (npm), May 28, 2021

Regular Expression Denial of Service in browserslist
[Moderate] CVE-2021-23364 was published for browserslist (npm), May 24, 2021

Import loops in account imports, nats-server DoS
[Low] GHSA-gwj5-3vfq-q992 was published for github.com/nats-io/nats-server/v2 (Go), May 21, 2021

ProTip! Advisories are also available from the GraphQL API.