Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,717
Maven
5,000+
npm
4,329
NuGet
762
pip
4,105
Pub
12
RubyGems
958
Rust
1,065
Swift
45
Unreviewed advisories
All unreviewed
5,000+

302 advisories

Loading
Denial of Service in Apache Commons Compress High
CVE-2019-12402 was published for io.github.1tchy.java9modular.org.apache.commons:commons-compress (Maven) Oct 11, 2019
A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the... High Unreviewed
CVE-2022-46285 was published Feb 7, 2023
Pion DTLS Header reconstruction method can be thrown into an infinite loop High
CVE-2022-29190 was published for github.com/pion/dtls (Go) May 24, 2022
StackStorm st2 Infinite Loop Condition High
CVE-2021-28667 was published for st2client (pip) May 24, 2022 withdrawn
Routinator infinite loop vulnerability High
CVE-2021-43172 was published for routinator (Rust) May 24, 2022
A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some... High Unreviewed
CVE-2022-44617 was published Feb 7, 2023
SwiftNIO Extras vulnerable to improper detection of complete HTTP body decompression High
CVE-2022-3252 was published for github.com/apple/swift-nio-extras (Swift) Jun 7, 2023
vojtarylko
Credited to vojtarylko
Integer Overflow/Infinite Loop in the http crate High
CVE-2020-25574 was published for http (Rust) Aug 25, 2021
Nokogiri gem, via libxml, is affected by DoS vulnerabilities High
CVE-2017-16932 was published for nokogiri (RubyGems) May 13, 2022
libxml as used in Nokogiri has an infinite loop in a certain end-of-file situation High
CVE-2020-7595 was published for nokogiri (RubyGems) Feb 24, 2020
This vulnerability allows remote attackers to create a denial-of-service condition on affected... High Unreviewed
CVE-2022-37013 was published Mar 29, 2023
RubyGems Infinite Loop vulnerability High
CVE-2018-1000075 was published for org.jruby:jruby-stdlib (RubyGems) May 13, 2022
Asciidoctor Infinite Loop vulnerability High
CVE-2018-18385 was published for asciidoctor (RubyGems) May 13, 2022
In mpc8_read_header in libavformat/mpc8.c in Libav 12.3, an input file can result in an avio_seek... High Unreviewed
CVE-2019-14442 was published May 24, 2022
Denial of service in modem due to missing null check while processing IP packets with padding High Unreviewed
CVE-2022-25734 was published Feb 12, 2023
Improper calculations in ECC implementation can trigger a Denial-of-Service (DoS) High
CVE-2023-25653 was published for node-jose (npm) Feb 16, 2023
justaugustus bifurcation
Credited to justaugustus and bifurcation
socks Infinite Loop vulnerability High
CVE-2013-10005 was published for github.com/btcsuite/go-socks (Go) Dec 28, 2022
A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header.... High Unreviewed
CVE-2022-0711 was published Mar 3, 2022
Xerox VersaLink devices on specific versions of firmware before 2022-01-26 allow remote attackers... High Unreviewed
CVE-2022-23968 was published Jan 27, 2022
Infinite Loop in colors.js High
CVE-2021-23567 was published for colors (npm) Jan 21, 2022
Unisys ClearPath MCP TCP/IP Networking Services 59.1, 60.0, and 62.0 has an Infinite Loop. High Unreviewed
CVE-2021-45445 was published Jan 13, 2022
An infinite loop vulnerability exists in nasm 2.16rc0 via the gpaste_tokens function. High Unreviewed
CVE-2021-45257 was published Dec 23, 2021
Openwsman, versions up to and including 2.6.9, are vulnerable to infinite loop in... High Unreviewed
CVE-2019-3833 was published May 13, 2022
When a file is processed, an infinite loop occurs in next_inline() of the more_curly() function. High Unreviewed
CVE-2021-33642 was published Jan 20, 2023
PDF Labs pdftk-java v3.2.3 was discovered to contain an infinite loop via the component /text/pdf... High Unreviewed
CVE-2021-37819 was published Sep 10, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database