GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
1,296 advisories
Misinterpretation of malicious XML input
Moderate
CVE-2021-21366
was published
for
xmldom
(npm)
Mar 12, 2021
Expo on iOS is insecure due incorrect security attribute application
Moderate
CVE-2020-24653
was published
for
expo
(npm)
May 24, 2022
mercurius has Uncaught Exception when using subscriptions
Moderate
CVE-2023-22477
was published
for
mercurius
(npm)
Jan 9, 2023
ReDoS in Sec-Websocket-Protocol header
Moderate
CVE-2021-32640
was published
for
ws
(npm)
May 28, 2021
`undici.request` vulnerable to SSRF using absolute URL on `pathname`
Moderate
CVE-2022-35949
was published
for
undici
(npm)
Aug 18, 2022
Nodejs ‘undici’ vulnerable to CRLF Injection via Content-Type
Moderate
CVE-2022-35948
was published
for
undici
(npm)
Aug 18, 2022
ProTip!
Advisories are also available from the
GraphQL API