Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

789 advisories

Loading
Mattermost fails to strip `embeds` from `metadata` when broadcasting `posted` events Moderate
CVE-2024-47003 was published for github.com/mattermost/mattermost/server/v8 (Go) Sep 26, 2024
c0rydoras
Spring Framework DoS via conditional HTTP request Moderate
CVE-2024-38809 was published for org.springframework:spring-web (Maven) Sep 24, 2024
Apache Log4j 1.x (EOL) allows Denial of Service (DoS) High
CVE-2023-26464 was published for org.apache.logging.log4j:log4j-core (Maven) Mar 10, 2023
jw123023
Memory leaks in code encrypting and verifying RSA payloads High
CVE-2024-1394 was published for github.com/golang-fips/go (Go) Mar 20, 2024
qmuntal r3kumar
Denial of service in rocket chat message parser Moderate
CVE-2024-46935 was published for @rocket.chat/message-parser (npm) Sep 25, 2024
Inefficient Regular Expression Complexity in nltk (word_tokenize, sent_tokenize) High
CVE-2021-43854 was published for nltk (pip) Jan 6, 2022
tomaarsen raffienficiaud
OpenStack Mistral DoS High
CVE-2018-16848 was published for mistral (pip) May 24, 2022
Strapi's field level permissions not being respected in relationship title Moderate
CVE-2023-37263 was published for @strapi/plugin-content-manager (npm) Sep 13, 2023
Boegie19 derrickmehaffy
alexandrebodin
Regular Expression Denial of Service (ReDoS) in Jinja2 Moderate
CVE-2020-28493 was published for jinja2 (pip) Mar 19, 2021
tdunlap607
Denial of service attack via incorrect parameters in Matrix Synapse High
CVE-2020-26257 was published for matrix-synapse (pip) Dec 9, 2020
python-multipart vulnerable to Content-Type Header ReDoS High
CVE-2024-24762 was published for python-multipart (pip) Feb 12, 2024
nicecatch2000 Kludex
amita-seal
Sydent vulnerable to denial of service attack via memory exhaustion High
CVE-2021-29430 was published for matrix-sydent (pip) Apr 19, 2021
Sydent DoS (via resource exhaustion) due to improper input validation Moderate
CVE-2021-29433 was published for matrix-sydent (pip) Apr 16, 2021
Regular Expression Denial of Service (REDoS) in httplib2 High
CVE-2021-21240 was published for httplib2 (pip) Feb 8, 2021
b-c-ds
Uncontrolled Resource Consumption in Indy Node High
CVE-2020-11090 was published for indy-node (pip) Jun 11, 2020
Code injection in FreeIPA High
CVE-2019-14867 was published for freeipa (pip) Dec 6, 2021
Pallets Project Flask is vulnerable to Denial of Service via Unexpected memory usage High
CVE-2019-1010083 was published for flask (pip) Jul 19, 2019
Ghcml
Regular Expression Denial of Service in flask-restx High
CVE-2021-32838 was published for flask-restx (pip) Sep 8, 2021
erik-krogh yoff
Improper Handling of Highly Compressed Data (Data Amplification) and Memory Allocation with Excessive Size Value in eventlet Moderate
CVE-2021-21419 was published for eventlet (pip) May 7, 2021
ReDoS issue in dparse Moderate
CVE-2022-39280 was published for dparse (pip) Sep 27, 2022
Django Denial-of-service in strip_tags() High
CVE-2019-14233 was published for Django (pip) Aug 6, 2019
Django Denial-of-service in django.utils.text.Truncator High
CVE-2019-14232 was published for Django (pip) Aug 6, 2019
Django potential denial of service vulnerability in UsernameField on Windows High
CVE-2023-46695 was published for Django (pip) Nov 2, 2023
Denial-of-service in Django High
CVE-2021-45115 was published for Django (pip) Jan 12, 2022
sunSUNQ
Django Denial-of-service in django.utils.text.Truncator Moderate
CVE-2023-43665 was published for Django (pip) Nov 3, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database