Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

214 advisories

Loading
GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust... Moderate Unreviewed
CVE-2021-46195 was published Jan 15, 2022
Apache Log4j2 vulnerable to Improper Input Validation and Uncontrolled Recursion High
CVE-2021-45105 was published for org.apache.logging.log4j:log4j-core (Maven) Dec 18, 2021
chrisbloom7 levinebw
ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects. Crafted JSON objects... High Unreviewed
CVE-2021-42717 was published Dec 8, 2021
Uncontrolled recursion leads to abort in deserialization Moderate
GHSA-39vw-qp34-rmwf was published for serde_yaml (Rust) Aug 25, 2021
Uncontrolled recursion in ammonia High
CVE-2019-15542 was published for ammonia (Rust) Aug 25, 2021
Uncontrolled recursion in trust-dns-proto High
CVE-2018-20994 was published for trust-dns-proto (Rust) Aug 25, 2021
Uncontrolled recursion in rust-yaml High
CVE-2018-20993 was published for yaml-rust (Rust) Aug 25, 2021
Denial of Service in Elasticsearch Moderate
CVE-2021-22144 was published for org.elasticsearch:elasticsearch (Maven) Aug 9, 2021
Stack overflow in `ParseAttrValue` with nested tensors Low
CVE-2021-29615 was published for tensorflow (pip) May 21, 2021
Stack overflow due to looping TFLite subgraph High
CVE-2021-29591 was published for tensorflow (pip) May 21, 2021
Denial of Service in Page Error Handling Moderate
CVE-2021-21359 was published for typo3/cms (Composer) Mar 23, 2021
derhansen
Uncontrolled Recursion in Django High
CVE-2019-14235 was published for Django (pip) Aug 6, 2019
Denial of Service in jquery High
CVE-2016-10707 was published for jQuery (RubyGems) Jan 22, 2018
Denial of Service in mqtt Moderate
CVE-2017-10910 was published for mqtt (npm) Dec 28, 2017
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database