Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,458
Erlang
33
GitHub Actions
22
Go
2,156
Maven
5,000+
npm
3,818
NuGet
693
pip
3,497
Pub
12
RubyGems
903
Rust
903
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,472 advisories

Loading
Uncontrolled Resource Consumption in spray-json when parsing decimal digit fields High
CVE-2018-18853 was published for io.spray:spray-json_2.10 (Maven) Nov 9, 2018
Rack vulnerable to Denial of Service High
CVE-2018-16470 was published for rack (RubyGems) Nov 15, 2018
PyKMIP Denial of service vulnerability High
CVE-2018-1000872 was published for pykmip (pip) Dec 21, 2018
tdunlap607
Prototype Pollution in extend Moderate
CVE-2018-16492 was published for extend (npm) Feb 7, 2019
Prototype Pollution in defaults-deep Critical
CVE-2018-16486 was published for defaults-deep (npm) Feb 7, 2019
Prototype Pollution in lodash High
CVE-2018-16487 was published for lodash (npm) Feb 7, 2019
Prototype Pollution in just-extend Critical
CVE-2018-16489 was published for just-extend (npm) Feb 7, 2019
Prototype Pollution in mpath High
CVE-2018-16490 was published for mpath (npm) Feb 7, 2019
Prototype Pollution in node.extend Critical
CVE-2018-16491 was published for node.extend (npm) Feb 7, 2019
Regular Expression Denial of Service in jadedown Low
CVE-2016-10520 was published for jadedown (npm) Feb 18, 2019
Denial of Service in mqtt-packet High
CVE-2016-10523 was published for mqtt-packet (npm) Feb 18, 2019
Regular Expression Denial of Service in jshamcrest High
CVE-2016-10521 was published for jshamcrest (npm) Feb 18, 2019
Denial of Service and Content Injection in i18n-node-angular High
CVE-2016-10524 was published for i18n-node-angular (npm) Feb 18, 2019
Regular Expression Denial of Service in riot-compiler High
CVE-2016-10527 was published for riot-compiler (npm) Feb 18, 2019
DoS due to excessively large websocket message in ws High
CVE-2016-10542 was published for ws (npm) Feb 18, 2019
Denial of Service Vulnerability in Action View High
CVE-2019-5419 was published for actionview (RubyGems) Mar 13, 2019
Uncontrolled Resource Consumption in org.eclipse.jetty:jetty-server High
CVE-2018-12545 was published for org.eclipse.jetty:jetty-server (Maven) Mar 28, 2019
CoAPthon DoS due to Exceptions High
CVE-2018-12680 was published for CoAPthon (pip) Apr 8, 2019
Denial of Service in foreman High
GHSA-xm28-fw2x-fqv2 was published for foreman (npm) May 31, 2019
Prototype Pollution in deap High
GHSA-xrmp-99wj-p6jc was published for deap (npm) May 31, 2019
ircdkit vulnerable to Denial of Service due to unhandled connection end event Low
GHSA-f7r3-p866-q9qr was published for ircdkit (npm) Jun 3, 2019
Denial of Service in ws High
GHSA-5v72-xg48-5rpm was published for ws (npm) Jun 4, 2019
Marked ReDoS due to email addresses being evaluated in quadratic time Moderate
GHSA-xf5p-87ch-gxw2 was published for marked (npm) Jun 5, 2019
Denial of Service in url-relative Moderate
GHSA-86p3-4gfq-38f2 was published for url-relative (npm) Jun 5, 2019
Denial of Service in js-yaml Moderate
GHSA-2pr6-76vf-7546 was published for js-yaml (npm) Jun 5, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database