GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,656
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,341 advisories
Filter by severity
Regular Expression Denial of Service in minimatch
High
CVE-2016-10540
was published
for
minimatch
(npm)
Oct 9, 2018
Denial-of-Service Extended Event Loop Blocking in qs
High
CVE-2014-10064
was published
for
qs
(npm)
Oct 9, 2018
Regular Expression Denial of Service in negotiator
High
CVE-2016-10539
was published
for
negotiator
(npm)
Oct 9, 2018
websockets is vulnerable to denial of service by memory exhaustion
High
CVE-2018-1000518
was published
for
websockets
(pip)
Sep 17, 2018
Regular Expression Denial of Service in timespan
High
CVE-2017-16115
was published
for
timespan
(npm)
Aug 29, 2018
Nokogiri subject to DoS via libxml2 vulnerability
High
CVE-2015-5312
was published
for
nokogiri
(RubyGems)
Aug 21, 2018
Regular Expression Denial of Service in charset
High
CVE-2017-16098
was published
for
charset
(npm)
Aug 9, 2018
Regular Expression Denial of Service in debug
Low
CVE-2017-16137
was published
for
debug
(npm)
Aug 9, 2018
superagent vulnerable to zip bomb attacks
Moderate
CVE-2017-16129
was published
for
superagent
(npm)
Aug 9, 2018
Denial of Service in https-proxy-agent
Critical
CVE-2018-3739
was published
for
https-proxy-agent
(npm)
Jul 27, 2018
Regular Expression Denial of Service in fresh
High
CVE-2017-16119
was published
for
fresh
(npm)
Jul 24, 2018
Regular Expression Denial of Service in forwarded
High
CVE-2017-16118
was published
for
forwarded
(npm)
Jul 24, 2018
Regular Expression Denial of Service in string package
High
CVE-2017-16116
was published
for
string
(npm)
Jul 24, 2018
Regular Expression Denial of Service in tough-cookie
High
CVE-2017-15010
was published
for
tough-cookie
(npm)
Jul 24, 2018
Regular Expression Denial of Service in parsejson
High
CVE-2017-16113
was published
for
parsejson
(npm)
Jul 24, 2018
Regular Expression Denial of Service in marked
High
CVE-2017-16114
was published
for
marked
(npm)
Jul 24, 2018
Regular Expression Denial of Service in slug
Moderate
CVE-2017-16117
was published
for
slug
(npm)
Jul 24, 2018
method-override ReDoS when untrusted user input passed into X-HTTP-Method-Override header
High
CVE-2017-16136
was published
for
method-override
(npm)
Jul 24, 2018
Regular Expression Denial Of Service in uri-js
Moderate
CVE-2017-16021
was published
for
uri-js
(npm)
Jul 24, 2018
Regular Expression Denial of Service in decamelize
High
CVE-2017-16023
was published
for
decamelize
(npm)
Jul 24, 2018
ReDoS via long UserAgent header in useragent
High
CVE-2017-16030
was published
for
useragent
(npm)
Jul 24, 2018
Regular Expression Denial of Service in content
High
CVE-2017-16111
was published
for
content
(npm)
Jul 24, 2018
Regular Expression Denial of Service in no-case
High
CVE-2017-16099
was published
for
no-case
(npm)
Jul 24, 2018
ProTip!
Advisories are also available from the
GraphQL API