Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

75 advisories

Loading
Regular Expression Denial of Service in is-my-json-valid High
CVE-2016-2537 was published for is-my-json-valid (npm) Oct 24, 2017
Regular Expression Denial of Service in marked High
CVE-2015-8854 was published for marked (npm) Oct 24, 2017
Regular Expression Denial of Service in semver High
CVE-2015-8855 was published for semver (npm) Oct 24, 2017
Regular Expression Denial of Service in uglify-js High
CVE-2015-8858 was published for uglify-js (npm) Oct 24, 2017
Regular Expression Denial of Service in ms High
CVE-2015-8315 was published for ms (npm) Oct 24, 2017
ReDoS in brace-expansion High
CVE-2017-18077 was published for brace-expansion (npm) Jan 29, 2018
Regular Expression Denial of Service in hawk High
CVE-2016-2515 was published for hawk (npm) Jul 31, 2018
Regular Expression Denial of Service in highcharts High
CVE-2018-20801 was published for highcharts (npm) Mar 18, 2019
Regular Expression Denial of Service in remarkable High
CVE-2019-12041 was published for remarkable (npm) Jun 6, 2019
LeSuisse
Denial of Service in uap-core High
CVE-2021-21317 was published for uap-core (npm) Feb 2, 2021
axios Inefficient Regular Expression Complexity vulnerability High
CVE-2021-3749 was published for axios (npm) Sep 1, 2021
Inefficient Regular Expression Complexity in taro High
CVE-2021-3804 was published for @tarojs/helper (npm) Sep 20, 2021
richardfan0606
Inefficient Regular Expression Complexity in code-server High
CVE-2021-3810 was published for code-server (npm) Sep 20, 2021
Inefficient Regular Expression Complexity in chalk/ansi-regex High
CVE-2021-3807 was published for ansi-regex (npm) Sep 20, 2021
MylesBorins cji-stripe
G-Rath
Inefficient Regular Expression Complexity in vuelidate High
CVE-2021-3794 was published for @vuelidate/validators (npm) Sep 20, 2021
madcatone
semver-regex Regular Expression Denial of Service (ReDOS) High
CVE-2021-3795 was published for semver-regex (npm) Sep 20, 2021
Inefficient Regular Expression Complexity in nth-check High
CVE-2021-3803 was published for nth-check (npm) Sep 20, 2021
Charley10101 Shital769
inflect vulnerable to Inefficient Regular Expression Complexity High
CVE-2021-3820 was published for i (npm) Sep 29, 2021
Inefficient Regular Expression Complexity in handsontable High
CVE-2021-23446 was published for handsontable (npm) Sep 30, 2021
Inefficient Regular Expression Complexity in marked High
CVE-2022-21680 was published for marked (npm) Jan 14, 2022
makenowjust
Inefficient Regular Expression Complexity in marked High
CVE-2022-21681 was published for marked (npm) Jan 14, 2022
makenowjust
Uncontrolled Resource Consumption in Hawk High
CVE-2022-29167 was published for hawk (npm) May 23, 2022
Regular expression denial of service in devcert High
CVE-2022-1929 was published for devcert (npm) Jun 3, 2022
Regular expression denial of service in scss-tokenizer High
CVE-2022-25758 was published for scss-tokenizer (npm) Jul 2, 2022
jhutchings1 G-Rath
tomas-cerney
jquery-validation Regular Expression Denial of Service due to arbitrary input to url2 method High
CVE-2022-31147 was published for jquery-validation (npm) Jul 5, 2022
erik-krogh bytestream
mthreer
ProTip! Advisories are also available from the GraphQL API