GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
12 advisories
Filter by severity
ReDOS vulnerabities: multiple grammars
Moderate
GHSA-7wwv-vh3v-89cq
was published
for
@highlightjs/cdn-assets
(npm)
Dec 4, 2020
Regular Expression Denial-of-Service in npm schema-inspector
High
CVE-2021-21267
was published
for
schema-inspector
(npm)
Mar 19, 2021
jquery-validation Regular Expression Denial of Service due to arbitrary input to url2 method
High
CVE-2022-31147
was published
for
jquery-validation
(npm)
Jul 5, 2022
Node-Redis potential exponential regex in monitor mode
High
CVE-2021-29469
was published
for
redis
(npm)
Apr 27, 2021
DOM-based cross-site scripting in Froala Editor
Moderate
CVE-2019-19935
was published
for
froala-editor
(npm)
Feb 10, 2022
[thi.ng/egf] Potential arbitrary code execution of `#gpg`-tagged property values
Moderate
CVE-2021-21412
was published
for
@thi.ng/egf
(npm)
Apr 6, 2021
Command injection vulnerability in @prisma/sdk in getPackedPackage function
High
CVE-2021-21414
was published
for
@prisma/sdk
(npm)
Apr 6, 2021
Passing in a non-string 'html' argument can lead to unsanitized output
Moderate
CVE-2021-32696
was published
for
striptags
(npm)
Jun 18, 2021
Cross-Site Scripting Vulnerability in @joeattardi/emoji-button
High
CVE-2021-43785
was published
for
@joeattardi/emoji-button
(npm)
Dec 1, 2021
Materialize-css vulnerable to Cross-site Scripting in autocomplete component
Moderate
CVE-2019-11003
was published
for
@materializecss/materialize
(npm)
Apr 9, 2019
Regular Expression Denial of Service in jquery-validation
High
CVE-2021-21252
was published
for
jQuery.Validation
(npm)
Jan 13, 2021
ProTip!
Advisories are also available from the
GraphQL API