GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
339 advisories
Regular expression denial-of-service in Django
Moderate
CVE-2024-27351
was published
for
django
(pip)
Mar 15, 2024
Inefficient Regular Expression Complexity in koa
Critical
CVE-2025-25200
was published
for
koa
(npm)
Feb 12, 2025
parse-duration has a Regex Denial of Service that results in event loop delay and out of memory
High
CVE-2025-25283
was published
for
parse-duration
(npm)
Feb 12, 2025
cookiejar Regular Expression Denial of Service via Cookie.parse function
Moderate
CVE-2022-25901
was published
for
cookiejar
(Maven)
Jan 18, 2023
http-cache-semantics vulnerable to Regular Expression Denial of Service
High
CVE-2022-25881
was published
for
http-cache-semantics
(Maven)
Jan 31, 2023
sqlparse contains a regular expression that is vulnerable to Regular Expression Denial of Service
Moderate
CVE-2023-30608
was published
for
sqlparse
(pip)
Apr 21, 2023
@octokit/endpoint has a Regular Expression in parse that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking
Moderate
CVE-2025-25285
was published
for
@octokit/endpoint
(npm)
Feb 14, 2025
@octokit/request-error has a Regular Expression in index that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking
Moderate
CVE-2025-25289
was published
for
@octokit/request-error
(npm)
Feb 14, 2025
@octokit/plugin-paginate-rest has a Regular Expression in iterator Leads to ReDoS Vulnerability Due to Catastrophic Backtracking
Moderate
CVE-2025-25288
was published
for
@octokit/plugin-paginate-rest
(npm)
Feb 14, 2025
@octokit/request has a Regular Expression in fetchWrapper that Leads to ReDoS Vulnerability Due to Catastrophic Backtracking
Moderate
CVE-2025-25290
was published
for
@octokit/request
(npm)
Feb 14, 2025
ReDoS based DoS vulnerability in Action Dispatch
Low
CVE-2023-22792
was published
for
actionpack
(RubyGems)
Jan 18, 2023
Spring Framework DoS via conditional HTTP request
Moderate
CVE-2024-38809
was published
for
org.springframework:spring-web
(Maven)
Sep 24, 2024
ProTip!
Advisories are also available from the
GraphQL API