Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,436
Maven
5,000+
npm
5,000+
NuGet
883
pip
4,694
Pub
13
RubyGems
1,029
Rust
1,212
Swift
53
Unreviewed advisories
All unreviewed
5,000+

4 advisories

Loading
path-to-regexp contains a ReDoS High
CVE-2024-52798 was published for path-to-regexp (npm) Dec 5, 2024
blakeembrey Credited to blakeembrey, ctcpip, goshop4eva, and dloetzke ctcpip ctcpip
goshop4eva goshop4eva dloetzke dloetzke
Vite Server Options (server.fs.deny) can be bypassed using double forward-slash (//) High
CVE-2023-34092 was published for vite (npm) Jun 6, 2023
agussetyar Credited to agussetyar, ajaymahadeven, and dloetzke ajaymahadeven ajaymahadeven
dloetzke dloetzke
Vite before v2.9.13 vulnerable to directory traversal via crafted URL to victim's service High
CVE-2022-35204 was published for vite (npm) Aug 19, 2022
dloetzke Credited to dloetzke and stypr stypr stypr
Crash in HeaderParser in dicer High
CVE-2022-24434 was published for dicer (Maven) May 21, 2022
dloetzke Credited to dloetzke
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database