GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
321 advisories
Denial of service in github.com/ethereum/go-ethereum [Moderate]
CVE-2020-26264 was published for github.com/ethereum/go-ethereum (Go) on Jun 29, 2021
Denial of service in geth [Moderate]
CVE-2020-26242 was published for github.com/ethereum/go-ethereum (Go) on Jun 29, 2021
Potential Denial-of-Service in bindata [Moderate]
CVE-2021-32823 was published for bindata (RubyGems) on Jun 23, 2021
Uncontrolled Resource Consumption in JPA Server in HAPI FHIR [Moderate]
CVE-2021-32053 was published for ca.uhn.hapi.fhir:hapi-fhir-jpaserver-base (Maven) on Jun 16, 2021
Uncontrolled Resource Consumption in XNIO [Moderate]
CVE-2020-14340 was published for org.jboss.xnio:xnio-nio (Maven) on Jun 8, 2021
Regular expression denial of service in forms [Moderate]
CVE-2021-23388 was published for forms (npm) on Jun 7, 2021
ReDoS in Sec-Websocket-Protocol header [Moderate]
CVE-2021-32640 was published for ws (npm) on May 28, 2021
Regular Expression Denial of Service in browserslist [Moderate]
CVE-2021-23364 was published for browserslist (npm) on May 24, 2021
Navigate endpoint is vulnerable to regex injection that may lead to Denial of Service. [Moderate]
CVE-2021-29506 was published for com.graphhopper:graphhopper-nav (Maven) on May 19, 2021
Denial of service (via resource exhaustion) due to improper input validation in third-party identifier endpoint [Moderate]
GHSA-7h5v-85w9-pq6c was published for matrix-synapse (pip) on May 19, 2021
github.com/pires/go-proxyproto denial of service vulnerability [Moderate]
CVE-2021-23351 was published for github.com/pires/go-proxyproto (Go) on May 18, 2021
golang.org/x/text Infinite loop [Moderate]
CVE-2020-14040 was published for golang.org/x/text (Go) on May 18, 2021
Uncontrolled Resource Consumption in firebase [Moderate]
CVE-2020-7765 was published for @firebase/util (npm) on May 18, 2021
Denial of service attack via push rule patterns in matrix-synapse [Moderate]
CVE-2021-29471 was published for matrix-synapse (pip) on May 13, 2021
Improper Locking in github.com/containers/storage [Moderate]
CVE-2021-20291 was published for github.com/containers/storage (Go) on May 10, 2021
Regular expression denial of service in express-validators [Moderate]
CVE-2020-7767 was published for express-validators (npm) on May 10, 2021
Regular expression denial of service in @absolunet/kafe [Moderate]
CVE-2020-7761 was published for @absolunet/kafe (npm) on May 10, 2021
Regular expression denial of service in codemirror [Moderate]
CVE-2020-7760 was published for codemirror (npm) on May 10, 2021
Regular Expression Denial of Service in postcss [Moderate]
CVE-2021-23368 was published for postcss (npm) on May 10, 2021
Infinite loop in Apache Tika [Moderate]
CVE-2021-28657 was published for org.apache.tika:tika (Maven) on May 10, 2021
Uncontrolled Resource Consumption in Apache Tika [Moderate]
CVE-2020-1950 was published for org.apache.tika:tika (Maven) on May 7, 2021
Improper Handling of Highly Compressed Data (Data Amplification) and Memory Allocation with Excessive Size Value in eventlet [Moderate]
CVE-2021-21419 was published for eventlet (pip) on May 7, 2021
Uncontrolled Resource Consumption in fastify-multipart [Moderate]
CVE-2020-8136 was published for fastify-multipart (npm) on May 6, 2021
Regular Expression Denial of Service in hosted-git-info [Moderate]
CVE-2021-23362 was published for hosted-git-info (npm) on May 6, 2021
Uncontrolled Resource Consumption in pillow [Moderate]
GHSA-jgpv-4h4c-xhw3 was published for pillow (pip) on Apr 23, 2021
ProTip! Advisories are also available from the GraphQL API.