Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,374 advisories

Loading
Navigate endpoint is vulnerable to regex injection that may lead to Denial of Service. Moderate
CVE-2021-29506 was published for com.graphhopper:graphhopper-nav (Maven) May 19, 2021
Denial of service (via resource exhaustion) due to improper input validation in third-party identifier endpoint Moderate
GHSA-7h5v-85w9-pq6c was published for matrix-synapse (pip) May 19, 2021
Integer overflow in github.com/gorilla/websocket High
CVE-2020-27813 was published for github.com/gorilla/websocket (Go) May 18, 2021
github.com/tidwall/gjson is vulnerable to Denial of service High
CVE-2020-36066 was published for github.com/tidwall/gjson (Go) May 18, 2021
github.com/pires/go-proxyproto denial of service vulnerability Moderate
CVE-2021-23351 was published for github.com/pires/go-proxyproto (Go) May 18, 2021
golang.org/x/text Infinite loop Moderate
CVE-2020-14040 was published for golang.org/x/text (Go) May 18, 2021
miekg/dns parsing error leads to nil pointer dereference and DoS High
CVE-2018-17419 was published for github.com/miekg/dns (Go) May 18, 2021
Allocation of Resources Without Limits or Throttling in HashiCorp Nomad High
CVE-2020-7218 was published for github.com/hashicorp/nomad (Go) May 18, 2021
Denial of Service (DoS) in HashiCorp Consul High
CVE-2020-7219 was published for github.com/hashicorp/consul (Go) May 18, 2021
Uncontrolled Resource Consumption in firebase Moderate
CVE-2020-7765 was published for @firebase/util (npm) May 18, 2021
Puma's Keepalive Connections Causing Denial Of Service High
CVE-2021-29509 was published for puma (RubyGems) May 18, 2021
MSP-Greg wjordan
ioquatix
Authorization service vulnerable to DDos attacks in Apache CFX High
CVE-2021-22696 was published for org.apache.cxf:apache-cxf (Maven) May 13, 2021
Denial of service attack via push rule patterns in matrix-synapse Moderate
CVE-2021-29471 was published for matrix-synapse (pip) May 13, 2021
Improper Locking in github.com/containers/storage Moderate
CVE-2021-20291 was published for github.com/containers/storage (Go) May 10, 2021
Regular expression deinal of service in express-validators Moderate
CVE-2020-7767 was published for express-validators (npm) May 10, 2021
Arbitrary Code Execution in json-ptr High
CVE-2020-7766 was published for json-ptr (npm) May 10, 2021
tdunlap607
Regular expression denial of service in @absolunet/kafe Moderate
CVE-2020-7761 was published for @absolunet/kafe (npm) May 10, 2021
Regular expression denial of service in npm-user-validate High
CVE-2020-7754 was published for npm-user-validate (npm) May 10, 2021
Regular expression denial of service in codemirror Moderate
CVE-2020-7760 was published for codemirror (npm) May 10, 2021
Regular Expression Denial of Service in dat.gui High
CVE-2020-7755 was published for dat.gui (npm) May 10, 2021
Regular Expression Denial of Service in trim High
CVE-2020-7753 was published for trim (npm) May 10, 2021
Regular Expression Denial of Service in postcss Moderate
CVE-2021-23368 was published for postcss (npm) May 10, 2021
Infinite loop in Apache Tika Moderate
CVE-2021-28657 was published for org.apache.tika:tika (Maven) May 10, 2021
Uncontrolled Resource Consumption in json-bigint High
CVE-2020-8237 was published for json-bigint (npm) May 7, 2021
Regular Expression Denial of Service in ua-parser-js High
CVE-2020-7733 was published for ua-parser-js (npm) May 7, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database