Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,466
Erlang
33
GitHub Actions
23
Go
2,166
Maven
5,000+
npm
3,830
NuGet
696
pip
3,507
Pub
12
RubyGems
909
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

239 advisories

Loading
eazy-logger prototype pollution High
CVE-2024-57075 was published for eazy-logger (npm) Feb 6, 2025
RDIL
Cache variables with the operations when transforms exist on the root level even if variables change in the further requests with the same operation Moderate
CVE-2025-27097 was published for @graphql-mesh/runtime (npm) Oct 10, 2023
ardatan khell
Denial of service in css-what High
CVE-2021-33587 was published for css-what (npm) Jun 7, 2021
Uncontrolled Resource Consumption in ansi-html High
CVE-2021-23424 was published for ansi-html (npm) Sep 2, 2021
Diddern
Regular Expression Denial of Service in jsoneditor Moderate
CVE-2021-3822 was published for jsoneditor (npm) Sep 29, 2021
axios Inefficient Regular Expression Complexity vulnerability High
CVE-2021-3749 was published for axios (npm) Sep 1, 2021
Regular Expression Denial of Service (ReDoS) High
GHSA-h6ch-v84p-w6p9 was published for diff (npm) Jun 13, 2019
fetch(url) leads to a memory leak in undici Moderate
CVE-2024-24750 was published for undici (npm) Feb 16, 2024
mcollina
Directus GraphQL Field Duplication Denial of Service (DoS) High
CVE-2024-39895 was published for @directus/env (npm) Jul 8, 2024
asantof
Next.js Denial of Service (DoS) condition High
CVE-2024-39693 was published for next (npm) Jul 10, 2024
kangax html-minifier REDoS vulnerability High
CVE-2022-37620 was published for html-minifier (npm) Oct 31, 2022
mapshaper Path Traversal vulnerability Moderate
CVE-2024-1163 was published for mapshaper (npm) Feb 13, 2024
JafarAkhondali
Denial of service in http-proxy-middleware High
CVE-2024-21536 was published for http-proxy-middleware (npm) Oct 19, 2024
fast-xml-parser vulnerable to ReDOS at currency parsing High
CVE-2024-41818 was published for fast-xml-parser (npm) Jul 29, 2024
Gauss-Security amitguptagwl
iamvolvo aaron-belenky
SUCHMOKUO node-worker-threads-pool denial of service Vulnerability Moderate
CVE-2021-29057 was published for node-worker-threads-pool (npm) Aug 11, 2023
nalandial
Denial of service in rocket chat message parser Moderate
CVE-2024-46935 was published for @rocket.chat/message-parser (npm) Sep 25, 2024
Strapi's field level permissions not being respected in relationship title Moderate
CVE-2023-37263 was published for @strapi/plugin-content-manager (npm) Sep 13, 2023
Boegie19 derrickmehaffy
alexandrebodin
Flowise Unauthenticated Denial of Service (DoS) vulnerability High
CVE-2024-8182 was published for flowise (npm) Aug 27, 2024
images vulnerable to Denial of Service High
CVE-2024-21523 was published for images (npm) Jul 10, 2024
Regular Expression Denial of Service in ms High
CVE-2015-8315 was published for ms (npm) Oct 24, 2017
speaker vulnerable to Denial of Service High
CVE-2024-21526 was published for speaker (npm) Jul 10, 2024
Uncontrolled resource consumption in braces High
CVE-2024-4068 was published for braces (npm) May 14, 2024
AlmogApiiro
s3-url-parser vulnerable to Denial of Service via regexes component High
CVE-2024-25355 was published for s3-url-parser (npm) May 1, 2024
glob-parent vulnerable to Regular Expression Denial of Service in enclosure regex High
CVE-2020-28469 was published for glob-parent (npm) Jun 7, 2021
sealonohana
Denial of service while parsing a tar file due to lack of folders count validation Moderate
CVE-2024-28863 was published for node-tar (npm) Mar 22, 2024
DEMON1A AlmogApiiro
ebickle
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database