Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,076
Erlang
29
GitHub Actions
19
Go
1,895
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
862
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

236 advisories

Loading
Void Tools Everything lower than v1.4.1.1022 was discovered to contain a Regular Expression... Moderate Unreviewed
CVE-2023-27704 was published Apr 12, 2023
sqlparse contains a regular expression that is vulnerable to Regular Expression Denial of Service Moderate
CVE-2023-30608 was published for sqlparse (pip) Apr 21, 2023
erik-krogh
A Regular Expression Denial of Service (ReDoS) issue was discovered in Puppet Server 7.9.2... Moderate Unreviewed
CVE-2023-1894 was published May 5, 2023
git-url-parse Regular Expression Denial of Service High
CVE-2023-32758 was published for git-url-parse (pip) May 15, 2023
Liferay Portal has Inefficient Regular Expression Moderate
CVE-2023-33950 was published for com.liferay.portal:release.portal.bom (Maven) May 24, 2023
fast-xml-parser vulnerable to Regex Injection via Doctype Entities High
CVE-2023-34104 was published for fast-xml-parser (npm) Jun 6, 2023
7085 levpachmanov
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15... High Unreviewed
CVE-2023-2132 was published Jun 6, 2023
RedCloth Regular Expression Denial of Service issue High
CVE-2023-31606 was published for RedCloth (RubyGems) Jun 6, 2023
trautlein
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.7 before 15... High Unreviewed
CVE-2023-2198 was published Jun 7, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.0 before 15... High Unreviewed
CVE-2023-2199 was published Jun 7, 2023
git-url-parse crate vulnerable to Regular Expression Denial of Service Low
CVE-2023-33290 was published for git-url-parse (Rust) Jun 12, 2023
semver vulnerable to Regular Expression Denial of Service High
CVE-2022-25883 was published for semver (npm) Jun 21, 2023
mrgrain G-Rath
urlnorm vulnerable to Regular Expression Denial of Service High
CVE-2023-33289 was published for urlnorm (Rust) Jun 21, 2023
word-wrap vulnerable to Regular Expression Denial of Service Moderate
CVE-2023-26115 was published for word-wrap (npm) Jun 22, 2023
An issue has been discovered in GitLab affecting all versions starting from 15.10 before 16.1,... Moderate Unreviewed
CVE-2023-2232 was published Jun 28, 2023
Mailform Pro CGI 4.3.1.2 and earlier allows a remote unauthenticated attacker to cause a denial... High Unreviewed
CVE-2023-32610 was published Jun 29, 2023
URI gem has ReDoS vulnerability Moderate
CVE-2023-36617 was published for uri (RubyGems) Jun 29, 2023
jasnow maxfelsher-cgi
Django has regular expression denial of service vulnerability in EmailValidator/URLValidator High
CVE-2023-36053 was published for Django (pip) Jul 3, 2023
is_js vulnerable to Regular Expression Denial of Service High
CVE-2020-26302 was published for is_js (npm) Jul 6, 2023
Apache Airflow Improper Input Validation vulnerability Moderate
CVE-2023-36543 was published for apache-airflow (pip) Jul 12, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.3 before 15... High Unreviewed
CVE-2023-3424 was published Jul 13, 2023
Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary:... Moderate Unreviewed
CVE-2023-3446 was published Jul 19, 2023
In JetBrains TeamCity before 2023.05.2 a ReDoS attack was possible via integration with issue... High Unreviewed
CVE-2023-39174 was published Jul 25, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.14 before 16... High Unreviewed
CVE-2023-3364 was published Aug 2, 2023
An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.0.8,... High Unreviewed
CVE-2023-0632 was published Aug 2, 2023
ProTip! Advisories are also available from the GraphQL API