Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

119 advisories

Loading
Regular Expression Denial of Service in is-my-json-valid High
CVE-2016-2537 was published for is-my-json-valid (npm) Oct 24, 2017
Regular Expression Denial of Service in marked High
CVE-2015-8854 was published for marked (npm) Oct 24, 2017
Regular Expression Denial of Service in semver High
CVE-2015-8855 was published for semver (npm) Oct 24, 2017
Regular Expression Denial of Service in uglify-js High
CVE-2015-8858 was published for uglify-js (npm) Oct 24, 2017
Regular Expression Denial of Service in ms High
CVE-2015-8315 was published for ms (npm) Oct 24, 2017
ReDoS in brace-expansion High
CVE-2017-18077 was published for brace-expansion (npm) Jan 29, 2018
Regular Expression Denial of Service in hawk High
CVE-2016-2515 was published for hawk (npm) Jul 31, 2018
Regular Expression Denial of Service in highcharts High
CVE-2018-20801 was published for highcharts (npm) Mar 18, 2019
Regular Expression Denial of Service in remarkable High
CVE-2019-12041 was published for remarkable (npm) Jun 6, 2019
LeSuisse
regular expression denial-of-service (ReDoS) in Bleach High
CVE-2020-6817 was published for bleach (pip) Mar 30, 2020
Denial of Service in uap-core High
CVE-2021-21317 was published for uap-core (npm) Feb 2, 2021
markdown2 Regular Expression Denial of Service High
CVE-2021-26813 was published for markdown2 (pip) Jun 2, 2021
Regular Expression Denial of Service in System.Text.RegularExpressions High
CVE-2019-0820 was published for System.Text.RegularExpressions (NuGet) Aug 4, 2021
r-bit-rry
axios Inefficient Regular Expression Complexity vulnerability High
CVE-2021-3749 was published for axios (npm) Sep 1, 2021
Regular Expression Denial of Service in flask-restx High
CVE-2021-32838 was published for flask-restx (pip) Sep 8, 2021
erik-krogh yoff
Inefficient Regular Expression Complexity in taro High
CVE-2021-3804 was published for @tarojs/helper (npm) Sep 20, 2021
richardfan0606
Inefficient Regular Expression Complexity in code-server High
CVE-2021-3810 was published for code-server (npm) Sep 20, 2021
Inefficient Regular Expression Complexity in chalk/ansi-regex High
CVE-2021-3807 was published for ansi-regex (npm) Sep 20, 2021
MylesBorins cji-stripe
G-Rath
Inefficient Regular Expression Complexity in vuelidate High
CVE-2021-3794 was published for @vuelidate/validators (npm) Sep 20, 2021
madcatone
semver-regex Regular Expression Denial of Service (ReDOS) High
CVE-2021-3795 was published for semver-regex (npm) Sep 20, 2021
Inefficient Regular Expression Complexity in nth-check High
CVE-2021-3803 was published for nth-check (npm) Sep 20, 2021
Charley10101 Shital769
Regular Expression Denial of Service in Leo Editor High
CVE-2020-23478 was published for leo (pip) Sep 23, 2021
inflect vulnerable to Inefficient Regular Expression Complexity High
CVE-2021-3820 was published for i (npm) Sep 29, 2021
NLTK Vulnerable to REDoS High
CVE-2021-3828 was published for nltk (pip) Sep 29, 2021
Inefficient Regular Expression Complexity in handsontable High
CVE-2021-23446 was published for handsontable (npm) Sep 30, 2021
ProTip! Advisories are also available from the GraphQL API