GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
40 advisories
Filter by severity
ReDoS in LDAP schema parser
Moderate
GHSA-r8wq-qrxc-hmcm
was published
for
python-ldap
(pip)
Nov 29, 2021
Regular Expression Denial of Service in Leo Editor
High
CVE-2020-23478
was published
for
leo
(pip)
Sep 23, 2021
Regular expression denial of service in url_regex
Moderate
CVE-2022-21195
was published
for
url_regex
(pip)
May 21, 2022
pypa/wheel vulnerable to Regular Expression denial of service (ReDoS)
High
CVE-2022-40898
was published
for
wheel
(pip)
Dec 23, 2022
Regular expression denial of service in eth-account
Moderate
CVE-2022-1930
was published
for
eth-account
(pip)
Aug 23, 2022
mechanize Regular Expression Denial of Service vulnerability
High
CVE-2021-32837
was published
for
mechanize
(pip)
Jan 18, 2023
Uncontrolled Resource Consumption in Apache DolphinScheduler
High
CVE-2022-25598
was published
for
apache-dolphinscheduler
(Maven)
Mar 31, 2022
ReDoS in py library when used with subversion
High
CVE-2022-42969
was published
for
py
(pip)
Oct 16, 2022
Denial of Service in python-ldap
Moderate
CVE-2021-46823
was published
for
python-ldap
(pip)
Jun 19, 2022
Mistune vulnerable to catastrophic backtracking
High
CVE-2022-34749
was published
for
mistune
(pip)
Jul 26, 2022
pymatgen is vulnerable to Regular Expression Denial of Service (ReDoS)
Moderate
CVE-2022-42964
was published
for
pymatgen
(pip)
Nov 10, 2022
markdown2 Regular Expression Denial of Service
High
CVE-2021-26813
was published
for
markdown2
(pip)
Jun 2, 2021
snowflake-connector-python is vulnerable to Regular Expression Denial of Service (ReDoS)
Moderate
CVE-2022-42965
was published
for
snowflake-connector-python
(pip)
Nov 10, 2022
mako is vulnerable to Regular Expression Denial of Service
High
CVE-2022-40023
was published
for
mako
(pip)
Sep 16, 2022
cleo is vulnerable to Regular Expression Denial of Service (ReDoS)
Moderate
CVE-2022-42966
was published
for
cleo
(pip)
Nov 10, 2022
TorBot vulnerable to Inefficient Regular Expression Complexity in validate_link
Moderate
CVE-2023-45813
was published
for
torbot
(pip)
Oct 19, 2023
git-url-parse Regular Expression Denial of Service
High
CVE-2023-32758
was published
for
git-url-parse
(pip)
May 15, 2023
sqlparse contains a regular expression that is vulnerable to Regular Expression Denial of Service
Moderate
CVE-2023-30608
was published
for
sqlparse
(pip)
Apr 21, 2023
configobj ReDoS exploitable by developer using values in a server-side configuration file
Low
CVE-2023-26112
was published
for
configobj
(pip)
Apr 3, 2023
Duplicate Advisory: FastAPI Content-Type Header ReDoS
High
GHSA-qf9m-vfgh-m389
was published
for
fastapi
(pip)
Feb 5, 2024
•
withdrawn
Denial of service via regular expression
High
CVE-2024-28865
was published
for
wiki
(pip)
Mar 18, 2024
Duplicate Advisory: ReDos vulnerability of XMLFeedSpider
High
GHSA-7c9g-vj9m-8pm6
was published
for
scrapy
(pip)
Feb 28, 2024
•
withdrawn
ProTip!
Advisories are also available from the
GraphQL API