Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

339 advisories

Loading
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.5 before 16... High Unreviewed
CVE-2024-2829 was published Apr 25, 2024
An issue has been discovered in GitLab CE/EE affecting all versions before 16.9.7, all versions... Moderate Unreviewed
CVE-2024-2651 was published May 14, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.11 prior to... Moderate Unreviewed
CVE-2023-6688 was published May 14, 2024
An issue has been discovered in GitLab EE affecting all versions before 16.8.6, all versions... Moderate Unreviewed
CVE-2023-6678 was published Apr 12, 2024
An input validation issue in the asset proxy in GitLab EE, affecting all versions from 12.3 prior... Low Unreviewed
CVE-2023-3906 was published Sep 29, 2023
An issue has been discovered in GitLab affecting all versions starting from 15.11 before 16.1.5,... Moderate Unreviewed
CVE-2023-3205 was published Sep 1, 2023
A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions... Moderate Unreviewed
CVE-2023-6502 was published May 23, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to... Moderate Unreviewed
CVE-2023-6682 was published May 14, 2024
NLTK Vulnerable to REDoS High
CVE-2021-3828 was published for nltk (pip) Sep 29, 2021
find-my-way has a ReDoS vulnerability in multiparametric routes High
CVE-2024-45813 was published for find-my-way (npm) Sep 18, 2024
blakeembrey mcollina
sealonohana
xhtml2pdf Denial of Service via crafted string Moderate
CVE-2024-25885 was published for xhtml2pdf (pip) Oct 8, 2024
fast-xml-parser vulnerable to ReDOS at currency parsing High
CVE-2024-41818 was published for fast-xml-parser (npm) Jul 29, 2024
Gauss-Security amitguptagwl
iamvolvo aaron-belenky
Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary:... Moderate Unreviewed
CVE-2023-3446 was published Jul 19, 2023
Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 allows DoS/ReDos via email.... High Unreviewed
CVE-2024-48938 was published Oct 11, 2024
ReDoS vulnerability in vue package that is exploitable through inefficient regex evaluation in the parseHTML function Low
CVE-2024-9506 was published for vue (npm) Oct 15, 2024
m3t3kh4n
HTML2Markdown is a Javascript implementation for converting HTML to Markdown text. All available... High Unreviewed
CVE-2020-26307 was published Oct 26, 2024
Validate.js provides a declarative way of validating javascript objects. All versions as of 30... High Unreviewed
CVE-2020-26310 was published Oct 26, 2024
Knwl.js Regular Expression Denial of Service vulnerability Moderate
CVE-2020-26306 was published for knwl.js (npm) Oct 26, 2024
validate.js Regular Expression Denial of Service vulnerability Moderate
CVE-2020-26308 was published for validate.js (npm) Oct 26, 2024
nope-validator Regular Expression Denial of Service vulnerability Moderate
CVE-2020-26309 was published for nope-validator (npm) Oct 26, 2024
In JetBrains YouTrack before 2024.3.47707 potential ReDoS exploit was possible via email header... Moderate Unreviewed
CVE-2024-50574 was published Oct 28, 2024
Possible ReDoS vulnerability in HTTP Token authentication in Action Controller Moderate
CVE-2024-47887 was published for actionpack (RubyGems) Oct 15, 2024
Possible ReDoS vulnerability in plain_text_for_blockquote_node in Action Text Moderate
CVE-2024-47888 was published for actiontext (RubyGems) Oct 15, 2024
Permissive Regular Expression in tacquito High
GHSA-p5wf-cmr4-xrwr was published for github.com/facebookincubator/tacquito (Go) Oct 18, 2024
Rack ReDoS Vulnerability in HTTP Accept Headers Parsing Moderate
CVE-2024-39316 was published for rack (RubyGems) Jul 3, 2024
dwisiswant0
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database