Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

12 advisories

Loading
jquery-validation Regular Expression Denial of Service due to arbitrary input to url2 method High
CVE-2022-31147 was published for jquery-validation (npm) Jul 5, 2022
erik-krogh bytestream
mthreer
DOM-based cross-site scripting in Froala Editor Moderate
CVE-2019-19935 was published for froala-editor (npm) Feb 10, 2022
erik-krogh
Cross-Site Scripting Vulnerability in @joeattardi/emoji-button High
CVE-2021-43785 was published for @joeattardi/emoji-button (npm) Dec 1, 2021
erik-krogh agustingianni
Clipboard-based XSS High
CVE-2021-41086 was published for jsuites (npm) Sep 22, 2021
intrigus-lgtm bananabr
erik-krogh
Passing in a non-string 'html' argument can lead to unsanitized output Moderate
CVE-2021-32696 was published for striptags (npm) Jun 18, 2021
erik-krogh
Node-Redis potential exponential regex in monitor mode High
CVE-2021-29469 was published for redis (npm) Apr 27, 2021
erik-krogh
Command injection vulnerability in @prisma/sdk in getPackedPackage function High
CVE-2021-21414 was published for @prisma/sdk (npm) Apr 6, 2021
erik-krogh
[thi.ng/egf] Potential arbitrary code execution of `#gpg`-tagged property values Moderate
CVE-2021-21412 was published for @thi.ng/egf (npm) Apr 6, 2021
erik-krogh
Regular Expression Denial-of-Service in npm schema-inspector High
CVE-2021-21267 was published for schema-inspector (npm) Mar 19, 2021
erik-krogh
Regular Expression Denial of Service in jquery-validation High
CVE-2021-21252 was published for jQuery.Validation (npm) Jan 13, 2021
erik-krogh pwntester
ReDOS vulnerabities: multiple grammars Moderate
GHSA-7wwv-vh3v-89cq was published for @highlightjs/cdn-assets (npm) Dec 4, 2020
RunDevelopment erik-krogh
kurt-r2c
Materialize-css vulnerable to Cross-site Scripting in autocomplete component Moderate
CVE-2019-11003 was published for @materializecss/materialize (npm) Apr 9, 2019
erik-krogh
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database