Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

17 advisories

Loading
Django vulnerable to denial-of-service attack Moderate
CVE-2024-41991 was published for Django (pip) Aug 7, 2024
Wagtail regular expression denial-of-service via search query parsing Moderate
CVE-2024-39317 was published for wagtail (pip) Jul 11, 2024
RealOrangeOne
Pydantic regular expression denial of service Moderate
CVE-2024-3772 was published for pydantic (pip) Apr 15, 2024
Black vulnerable to Regular Expression Denial of Service (ReDoS) Moderate
CVE-2024-21503 was published for black (pip) Mar 19, 2024
Regular expression denial-of-service in Django Moderate
CVE-2024-27351 was published for django (pip) Mar 15, 2024
MarkLee131
ReDoS in Embedchain Moderate
CVE-2024-23732 was published for embedchain (pip) Jan 21, 2024
TorBot vulnerable to Inefficient Regular Expression Complexity in validate_link Moderate
CVE-2023-45813 was published for torbot (pip) Oct 19, 2023
ikkebr
Apache Airflow Improper Input Validation vulnerability Moderate
CVE-2023-36543 was published for apache-airflow (pip) Jul 12, 2023
sqlparse contains a regular expression that is vulnerable to Regular Expression Denial of Service Moderate
CVE-2023-30608 was published for sqlparse (pip) Apr 21, 2023
erik-krogh
pymatgen is vulnerable to Regular Expression Denial of Service (ReDoS) Moderate
CVE-2022-42964 was published for pymatgen (pip) Nov 10, 2022
snowflake-connector-python is vulnerable to Regular Expression Denial of Service (ReDoS) Moderate
CVE-2022-42965 was published for snowflake-connector-python (pip) Nov 10, 2022
JBrown0x90 westonsteimel
cleo is vulnerable to Regular Expression Denial of Service (ReDoS) Moderate
CVE-2022-42966 was published for cleo (pip) Nov 10, 2022
neersighted tdunlap607
ReDoS issue in dparse Moderate
CVE-2022-39280 was published for dparse (pip) Sep 27, 2022
Regular expression denial of service in eth-account Moderate
CVE-2022-1930 was published for eth-account (pip) Aug 23, 2022
Denial of Service in python-ldap Moderate
CVE-2021-46823 was published for python-ldap (pip) Jun 19, 2022
Regular expression denial of service in url_regex Moderate
CVE-2022-21195 was published for url_regex (pip) May 21, 2022
ReDoS in LDAP schema parser Moderate
GHSA-r8wq-qrxc-hmcm was published for python-ldap (pip) Nov 29, 2021
ProTip! Advisories are also available from the GraphQL API