GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,076
Erlang
29
GitHub Actions
19
Go
1,895
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
862
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
236 advisories
Filter by severity
Void Tools Everything lower than v1.4.1.1022 was discovered to contain a Regular Expression...
Moderate
Unreviewed
CVE-2023-27704
was published
Apr 12, 2023
sqlparse contains a regular expression that is vulnerable to Regular Expression Denial of Service
Moderate
CVE-2023-30608
was published
for
sqlparse
(pip)
Apr 21, 2023
A Regular Expression Denial of Service (ReDoS) issue was discovered in Puppet Server 7.9.2...
Moderate
Unreviewed
CVE-2023-1894
was published
May 5, 2023
git-url-parse Regular Expression Denial of Service
High
CVE-2023-32758
was published
for
git-url-parse
(pip)
May 15, 2023
Liferay Portal has Inefficient Regular Expression
Moderate
CVE-2023-33950
was published
for
com.liferay.portal:release.portal.bom
(Maven)
May 24, 2023
fast-xml-parser vulnerable to Regex Injection via Doctype Entities
High
CVE-2023-34104
was published
for
fast-xml-parser
(npm)
Jun 6, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15...
High
Unreviewed
CVE-2023-2132
was published
Jun 6, 2023
RedCloth Regular Expression Denial of Service issue
High
CVE-2023-31606
was published
for
RedCloth
(RubyGems)
Jun 6, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.7 before 15...
High
Unreviewed
CVE-2023-2198
was published
Jun 7, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.0 before 15...
High
Unreviewed
CVE-2023-2199
was published
Jun 7, 2023
git-url-parse crate vulnerable to Regular Expression Denial of Service
Low
CVE-2023-33290
was published
for
git-url-parse
(Rust)
Jun 12, 2023
semver vulnerable to Regular Expression Denial of Service
High
CVE-2022-25883
was published
for
semver
(npm)
Jun 21, 2023
urlnorm vulnerable to Regular Expression Denial of Service
High
CVE-2023-33289
was published
for
urlnorm
(Rust)
Jun 21, 2023
word-wrap vulnerable to Regular Expression Denial of Service
Moderate
CVE-2023-26115
was published
for
word-wrap
(npm)
Jun 22, 2023
An issue has been discovered in GitLab affecting all versions starting from 15.10 before 16.1,...
Moderate
Unreviewed
CVE-2023-2232
was published
Jun 28, 2023
Mailform Pro CGI 4.3.1.2 and earlier allows a remote unauthenticated attacker to cause a denial...
High
Unreviewed
CVE-2023-32610
was published
Jun 29, 2023
URI gem has ReDoS vulnerability
Moderate
CVE-2023-36617
was published
for
uri
(RubyGems)
Jun 29, 2023
Django has regular expression denial of service vulnerability in EmailValidator/URLValidator
High
CVE-2023-36053
was published
for
Django
(pip)
Jul 3, 2023
is_js vulnerable to Regular Expression Denial of Service
High
CVE-2020-26302
was published
for
is_js
(npm)
Jul 6, 2023
Apache Airflow Improper Input Validation vulnerability
Moderate
CVE-2023-36543
was published
for
apache-airflow
(pip)
Jul 12, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.3 before 15...
High
Unreviewed
CVE-2023-3424
was published
Jul 13, 2023
Issue summary: Checking excessively long DH keys or parameters may be very slow.
Impact summary:...
Moderate
Unreviewed
CVE-2023-3446
was published
Jul 19, 2023
In JetBrains TeamCity before 2023.05.2 a ReDoS attack was possible via integration with issue...
High
Unreviewed
CVE-2023-39174
was published
Jul 25, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.14 before 16...
High
Unreviewed
CVE-2023-3364
was published
Aug 2, 2023
An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.0.8,...
High
Unreviewed
CVE-2023-0632
was published
Aug 2, 2023
ProTip!
Advisories are also available from the
GraphQL API