GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
2,383 advisories
Filter by severity
Regular Expression Denial of Service in debug
Low
CVE-2017-16137
was published
for
debug
(npm)
Aug 9, 2018
superagent vulnerable to zip bomb attacks
Moderate
CVE-2017-16129
was published
for
superagent
(npm)
Aug 9, 2018
Denial of Service in https-proxy-agent
Critical
CVE-2018-3739
was published
for
https-proxy-agent
(npm)
Jul 27, 2018
Regular Expression Denial of Service in fresh
High
CVE-2017-16119
was published
for
fresh
(npm)
Jul 24, 2018
Regular Expression Denial of Service in forwarded
High
CVE-2017-16118
was published
for
forwarded
(npm)
Jul 24, 2018
Regular Expression Denial of Service in string package
High
CVE-2017-16116
was published
for
string
(npm)
Jul 24, 2018
Regular Expression Denial of Service in tough-cookie
High
CVE-2017-15010
was published
for
tough-cookie
(npm)
Jul 24, 2018
Regular Expression Denial of Service in parsejson
High
CVE-2017-16113
was published
for
parsejson
(npm)
Jul 24, 2018
Regular Expression Denial of Service in marked
High
CVE-2017-16114
was published
for
marked
(npm)
Jul 24, 2018
Regular Expression Denial of Service in slug
Moderate
CVE-2017-16117
was published
for
slug
(npm)
Jul 24, 2018
method-override ReDoS when untrusted user input passed into X-HTTP-Method-Override header
High
CVE-2017-16136
was published
for
method-override
(npm)
Jul 24, 2018
Regular Expression Denial Of Service in uri-js
Moderate
CVE-2017-16021
was published
for
uri-js
(npm)
Jul 24, 2018
Regular Expression Denial of Service in decamelize
High
CVE-2017-16023
was published
for
decamelize
(npm)
Jul 24, 2018
ReDoS via long UserAgent header in useragent
High
CVE-2017-16030
was published
for
useragent
(npm)
Jul 24, 2018
Regular Expression Denial of Service in content
High
CVE-2017-16111
was published
for
content
(npm)
Jul 24, 2018
Regular Expression Denial of Service in no-case
High
CVE-2017-16099
was published
for
no-case
(npm)
Jul 24, 2018
ReDoS via long UserAgent header in ua-parser
High
CVE-2017-16086
was published
for
ua-parser
(npm)
Jul 24, 2018
mime Regular Expression Denial of Service when MIME lookup performed on untrusted user input
High
CVE-2017-16138
was published
for
mime
(npm)
Jul 20, 2018
Denial of Service vulnerability with large JSON payloads in fastify
High
CVE-2018-3711
was published
for
fastify
(npm)
Jul 18, 2018
Regular Expression Denial of Service in ssri
Moderate
CVE-2018-7651
was published
for
ssri
(npm)
Mar 7, 2018
bson is vulnerable to denial of service due to incorrect regex validation
Critical
CVE-2015-4412
was published
for
bson
(RubyGems)
Mar 5, 2018
Regular Expression Denial of Service in moment
High
CVE-2017-18214
was published
for
moment
(npm)
Mar 5, 2018
ProTip!
Advisories are also available from the
GraphQL API