GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
237 advisories
Filter by severity
Regular Expression Denial of Service in moment
Moderate
CVE-2016-4055
was published
for
moment
(npm)
Oct 24, 2017
Denial-of-Service Memory Exhaustion in qs
High
CVE-2014-7191
was published
for
qs
(npm)
Oct 24, 2017
File Descriptor Leak Can Cause DoS Vulnerability in hapi
High
CVE-2014-3742
was published
for
hapi
(npm)
Oct 24, 2017
Regular Expression Denial of Service in ms
High
CVE-2015-8315
was published
for
ms
(npm)
Oct 24, 2017
Regular Expression Denial of Service in moment
High
CVE-2017-18214
was published
for
moment
(npm)
Mar 5, 2018
Regular Expression Denial of Service in ssri
Moderate
CVE-2018-7651
was published
for
ssri
(npm)
Mar 7, 2018
Denial of Service vulnerability with large JSON payloads in fastify
High
CVE-2018-3711
was published
for
fastify
(npm)
Jul 18, 2018
mime Regular Expression Denial of Service when MIME lookup performed on untrusted user input
High
CVE-2017-16138
was published
for
mime
(npm)
Jul 20, 2018
ReDoS via long UserAgent header in ua-parser
High
CVE-2017-16086
was published
for
ua-parser
(npm)
Jul 24, 2018
Regular Expression Denial of Service in no-case
High
CVE-2017-16099
was published
for
no-case
(npm)
Jul 24, 2018
Regular Expression Denial of Service in content
High
CVE-2017-16111
was published
for
content
(npm)
Jul 24, 2018
ReDoS via long UserAgent header in useragent
High
CVE-2017-16030
was published
for
useragent
(npm)
Jul 24, 2018
Regular Expression Denial of Service in decamelize
High
CVE-2017-16023
was published
for
decamelize
(npm)
Jul 24, 2018
Regular Expression Denial Of Service in uri-js
Moderate
CVE-2017-16021
was published
for
uri-js
(npm)
Jul 24, 2018
method-override ReDoS when untrusted user input passed into X-HTTP-Method-Override header
High
CVE-2017-16136
was published
for
method-override
(npm)
Jul 24, 2018
Regular Expression Denial of Service in slug
Moderate
CVE-2017-16117
was published
for
slug
(npm)
Jul 24, 2018
Regular Expression Denial of Service in marked
High
CVE-2017-16114
was published
for
marked
(npm)
Jul 24, 2018
Regular Expression Denial of Service in parsejson
High
CVE-2017-16113
was published
for
parsejson
(npm)
Jul 24, 2018
Regular Expression Denial of Service in tough-cookie
High
CVE-2017-15010
was published
for
tough-cookie
(npm)
Jul 24, 2018
Regular Expression Denial of Service in string package
High
CVE-2017-16116
was published
for
string
(npm)
Jul 24, 2018
ProTip!
Advisories are also available from the
GraphQL API