GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
14 advisories
Filter by severity
Uncontrolled Resource Consumption in Apache DolphinScheduler
High
CVE-2022-25598
was published
for
apache-dolphinscheduler
(Maven)
Mar 31, 2022
Spring Framework Inefficient Regular Expression Complexity
Moderate
CVE-2009-1190
was published
for
org.springframework:spring-core
(Maven)
May 2, 2022
Regular expression denial of service in apache tika
Moderate
CVE-2022-30126
was published
for
org.apache.tika:tika
(Maven)
May 17, 2022
Regular expression denial of service in Apache ShenYu
High
CVE-2022-26650
was published
for
org.apache.shenyu:shenyu
(Maven)
May 18, 2022
Inefficient Regular Expression Complexity in Jenkins Build Failure Analyzer Plugin
Moderate
CVE-2019-16555
was published
for
com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer
(Maven)
May 24, 2022
Regular expression denial of service in apache tika
Moderate
CVE-2022-30973
was published
for
org.apache.tika:tika-core
(Maven)
Jun 1, 2022
Regular expression denial of service in Delight Nashorn Sandbox
High
CVE-2021-40660
was published
for
org.javadelight:delight-nashorn-sandbox
(Maven)
Jun 15, 2022
Apache Tapestry 5.8.1 vulnerable to ReDoS via Content Types causing catastrophic backtracking
High
CVE-2022-31781
was published
for
org.apache.tapestry:tapestry-core
(Maven)
Jul 14, 2022
Inefficient Regular Expression Complexity in Liferay Portal
High
CVE-2022-42124
was published
for
com.liferay.portal:release.portal.bom
(Maven)
Nov 15, 2022
cookiejar Regular Expression Denial of Service via Cookie.parse function
Moderate
CVE-2022-25901
was published
for
cookiejar
(Maven)
Jan 18, 2023
http-cache-semantics vulnerable to Regular Expression Denial of Service
High
CVE-2022-25881
was published
for
http-cache-semantics
(Maven)
Jan 31, 2023
Liferay Portal has Inefficient Regular Expression
Moderate
CVE-2023-33950
was published
for
com.liferay.portal:release.portal.bom
(Maven)
May 24, 2023
angular vulnerable to super-linear runtime due to backtracking
High
CVE-2024-21490
was published
for
angular
(Maven)
Feb 10, 2024
Spring Framework DoS via conditional HTTP request
Moderate
CVE-2024-38809
was published
for
org.springframework:spring-web
(Maven)
Sep 24, 2024
ProTip!
Advisories are also available from the
GraphQL API