Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

40 advisories

Loading
regular expression denial-of-service (ReDoS) in Bleach High
CVE-2020-6817 was published for bleach (pip) Mar 30, 2020
markdown2 Regular Expression Denial of Service High
CVE-2021-26813 was published for markdown2 (pip) Jun 2, 2021
Regular Expression Denial of Service in flask-restx High
CVE-2021-32838 was published for flask-restx (pip) Sep 8, 2021
erik-krogh yoff
Regular Expression Denial of Service in Leo Editor High
CVE-2020-23478 was published for leo (pip) Sep 23, 2021
NLTK Vulnerable to REDoS High
CVE-2021-3828 was published for nltk (pip) Sep 29, 2021
ReDoS in LDAP schema parser Moderate
GHSA-r8wq-qrxc-hmcm was published for python-ldap (pip) Nov 29, 2021
NLTK Vulnerable to REDoS High
CVE-2021-3842 was published for nltk (pip) Jan 6, 2022
Uncontrolled Resource Consumption in Apache DolphinScheduler High
CVE-2022-25598 was published for apache-dolphinscheduler (Maven) Mar 31, 2022
Django Regex Algorithmic Complexity Causes Denial of Service High
CVE-2009-3695 was published for Django (pip) May 2, 2022
Django ReDoS in validators.URLValidator High
CVE-2015-5145 was published for Django (pip) May 17, 2022
Regular expression denial of service in url_regex Moderate
CVE-2022-21195 was published for url_regex (pip) May 21, 2022
Denial of Service in python-ldap Moderate
CVE-2021-46823 was published for python-ldap (pip) Jun 19, 2022
Mistune vulnerable to catastrophic backtracking High
CVE-2022-34749 was published for mistune (pip) Jul 26, 2022
sersorrel
Regular expression denial of service in eth-account Moderate
CVE-2022-1930 was published for eth-account (pip) Aug 23, 2022
mako is vulnerable to Regular Expression Denial of Service High
CVE-2022-40023 was published for mako (pip) Sep 16, 2022
ReDoS issue in dparse Moderate
CVE-2022-39280 was published for dparse (pip) Sep 27, 2022
ReDoS in py library when used with subversion High
CVE-2022-42969 was published for py (pip) Oct 16, 2022
The-Compiler jwilk
Django denial-of-service vulnerability in internationalized URLs High
CVE-2022-41323 was published for django (pip) Oct 16, 2022
sunSUNQ
snowflake-connector-python is vulnerable to Regular Expression Denial of Service (ReDoS) Moderate
CVE-2022-42965 was published for snowflake-connector-python (pip) Nov 10, 2022
JBrown0x90 westonsteimel
pymatgen is vulnerable to Regular Expression Denial of Service (ReDoS) Moderate
CVE-2022-42964 was published for pymatgen (pip) Nov 10, 2022
cleo is vulnerable to Regular Expression Denial of Service (ReDoS) Moderate
CVE-2022-42966 was published for cleo (pip) Nov 10, 2022
neersighted tdunlap607
pypa/setuptools vulnerable to Regular Expression Denial of Service (ReDoS) High
CVE-2022-40897 was published for setuptools (pip) Dec 23, 2022
pypa/wheel vulnerable to Regular Expression denial of service (ReDoS) High
CVE-2022-40898 was published for wheel (pip) Dec 23, 2022
mechanize Regular Expression Denial of Service vulnerability High
CVE-2021-32837 was published for mechanize (pip) Jan 18, 2023
configobj ReDoS exploitable by developer using values in a server-side configuration file Low
CVE-2023-26112 was published for configobj (pip) Apr 3, 2023
ProTip! Advisories are also available from the GraphQL API