Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,111
Maven
5,000+
npm
3,767
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
888
Swift
37
Unreviewed advisories
All unreviewed
5,000+

282 advisories

Loading
An issue has been discovered in GitLab affecting all versions starting from 15.11 before 16.1.5,... Moderate Unreviewed
CVE-2023-3210 was published Sep 1, 2023
@adobe/css-tools Regular Expression Denial of Service (ReDOS) while Parsing CSS Moderate
CVE-2023-26364 was published for @adobe/css-tools (npm) Aug 29, 2023
MathJax Regular expression Denial of Service (ReDoS) High
CVE-2023-39663 was published for mathjax (npm) Aug 29, 2023
Regular expression Denial-of-Service (ReDoS) exists in multiple add-ons for Mailform Pro CGI 4.3... High Unreviewed
CVE-2023-40599 was published Aug 25, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 9.3 before 16.0... High Unreviewed
CVE-2023-3994 was published Aug 2, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.14 before 16... High Unreviewed
CVE-2023-3364 was published Aug 2, 2023
An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.0.8,... High Unreviewed
CVE-2023-0632 was published Aug 2, 2023
In JetBrains TeamCity before 2023.05.2 a ReDoS attack was possible via integration with issue... High Unreviewed
CVE-2023-39174 was published Jul 25, 2023
Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary:... Moderate Unreviewed
CVE-2023-3446 was published Jul 19, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.3 before 15... High Unreviewed
CVE-2023-3424 was published Jul 13, 2023
Apache Airflow Improper Input Validation vulnerability High
CVE-2023-36543 was published for apache-airflow (pip) Jul 12, 2023
is_js vulnerable to Regular Expression Denial of Service High
CVE-2020-26302 was published for is_js (npm) Jul 6, 2023
Django has regular expression denial of service vulnerability in EmailValidator/URLValidator High
CVE-2023-36053 was published for Django (pip) Jul 3, 2023
URI gem has ReDoS vulnerability Moderate
CVE-2023-36617 was published for uri (RubyGems) Jun 29, 2023
jasnow maxfelsher-cgi
Mailform Pro CGI 4.3.1.2 and earlier allows a remote unauthenticated attacker to cause a denial... High Unreviewed
CVE-2023-32610 was published Jun 29, 2023
An issue has been discovered in GitLab affecting all versions starting from 15.10 before 16.1,... Moderate Unreviewed
CVE-2023-2232 was published Jun 28, 2023
word-wrap vulnerable to Regular Expression Denial of Service Moderate
CVE-2023-26115 was published for word-wrap (npm) Jun 22, 2023
urlnorm vulnerable to Regular Expression Denial of Service High
CVE-2023-33289 was published for urlnorm (Rust) Jun 21, 2023
semver vulnerable to Regular Expression Denial of Service High
CVE-2022-25883 was published for semver (npm) Jun 21, 2023
mrgrain G-Rath
git-url-parse crate vulnerable to Regular Expression Denial of Service Low
CVE-2023-33290 was published for git-url-parse (Rust) Jun 12, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.0 before 15... High Unreviewed
CVE-2023-2199 was published Jun 7, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.7 before 15... High Unreviewed
CVE-2023-2198 was published Jun 7, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15... High Unreviewed
CVE-2023-2132 was published Jun 6, 2023
RedCloth Regular Expression Denial of Service issue High
CVE-2023-31606 was published for RedCloth (RubyGems) Jun 6, 2023
trautlein
fast-xml-parser vulnerable to Regex Injection via Doctype Entities High
CVE-2023-34104 was published for fast-xml-parser (npm) Jun 6, 2023
7085 levpachmanov
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database