Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

238 advisories

Loading
Regular Expression Denial of Service in flask-restx High
CVE-2021-32838 was published for flask-restx (pip) Sep 8, 2021
erik-krogh yoff
ReDoS issue in dparse Moderate
CVE-2022-39280 was published for dparse (pip) Sep 27, 2022
Django has regular expression denial of service vulnerability in EmailValidator/URLValidator High
CVE-2023-36053 was published for Django (pip) Jul 3, 2023
Django denial-of-service vulnerability in internationalized URLs High
CVE-2022-41323 was published for django (pip) Oct 16, 2022
sunSUNQ
Wagtail regular expression denial-of-service via search query parsing Moderate
CVE-2024-39317 was published for wagtail (pip) Jul 11, 2024
RealOrangeOne
find-my-way has a ReDoS vulnerability in multiparametric routes High
CVE-2024-45813 was published for find-my-way (npm) Sep 18, 2024
blakeembrey mcollina
Django ReDoS in validators.URLValidator High
CVE-2015-5145 was published for Django (pip) May 17, 2022
DOMPurify allows tampering by prototype pollution High
CVE-2024-45801 was published for dompurify (npm) Sep 16, 2024
eslerm cure53
Django Regex Algorithmic Complexity Causes Denial of Service High
CVE-2009-3695 was published for Django (pip) May 2, 2022
Apache Airflow Improper Input Validation vulnerability Moderate
CVE-2023-36543 was published for apache-airflow (pip) Jul 12, 2023
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.1.7... High Unreviewed
CVE-2024-8124 was published Sep 12, 2024
path-to-regexp outputs backtracking regular expressions High
CVE-2024-45296 was published for path-to-regexp (npm) Sep 9, 2024
blakeembrey ctcpip
uniabis stbenjam pseudoralph mschfh jusemon panva alenovik jaydeep-bypt
fast-xml-parser vulnerable to ReDOS at currency parsing High
CVE-2024-41818 was published for fast-xml-parser (npm) Jul 29, 2024
Gauss-Security amitguptagwl
Zod denial of service vulnerability Moderate
CVE-2023-4316 was published for zod (npm) Sep 28, 2023
RobinTail
regular expression denial-of-service (ReDoS) in Bleach High
CVE-2020-6817 was published for bleach (pip) Mar 30, 2020
There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard... High Unreviewed
CVE-2024-7592 was published Aug 19, 2024
There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed... High Unreviewed
CVE-2024-6232 was published Sep 3, 2024
ReDoS in urlregex Moderate
CVE-2020-36830 was published for urlregex (npm) Sep 2, 2024
A vulnerability has been found in Secure Systems Engineering Connaisseur up to 3.3.0 and... Low Unreviewed
CVE-2023-7279 was published Sep 2, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 9.2 prior to 16.11.5... Moderate Unreviewed
CVE-2024-1493 was published Jun 27, 2024
domain-suffix RegEx Denial of Service High
CVE-2024-25354 was published for domain-suffix (npm) Mar 28, 2024
Regular Expression Denial of Service (ReDoS) in micromatch Moderate
CVE-2024-4067 was published for micromatch (npm) May 14, 2024
jagonalez MarioTeixeiraCx
Denial of service condition in M-Files Server in versions before 24.4.13592.4 and after 23.11 ... High Unreviewed
CVE-2024-4056 was published Apr 26, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.10 prior to 17.0... Moderate Unreviewed
CVE-2024-3114 was published Aug 8, 2024
ReDoS flaw in RefMatcher when matching branch names using wildcards in GitLab EE/CE affecting all... Moderate Unreviewed
CVE-2024-2800 was published Aug 8, 2024
ProTip! Advisories are also available from the GraphQL API