Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

272 advisories

Loading
Apache Airflow Improper Input Validation vulnerability High
CVE-2023-36543 was published for apache-airflow (pip) Jul 12, 2023
is_js vulnerable to Regular Expression Denial of Service High
CVE-2020-26302 was published for is_js (npm) Jul 6, 2023
Django has regular expression denial of service vulnerability in EmailValidator/URLValidator High
CVE-2023-36053 was published for Django (pip) Jul 3, 2023
URI gem has ReDoS vulnerability Moderate
CVE-2023-36617 was published for uri (RubyGems) Jun 29, 2023
jasnow maxfelsher-cgi
word-wrap vulnerable to Regular Expression Denial of Service Moderate
CVE-2023-26115 was published for word-wrap (npm) Jun 22, 2023
urlnorm vulnerable to Regular Expression Denial of Service High
CVE-2023-33289 was published for urlnorm (Rust) Jun 21, 2023
semver vulnerable to Regular Expression Denial of Service High
CVE-2022-25883 was published for semver (npm) Jun 21, 2023
mrgrain G-Rath
git-url-parse crate vulnerable to Regular Expression Denial of Service Low
CVE-2023-33290 was published for git-url-parse (Rust) Jun 12, 2023
RedCloth Regular Expression Denial of Service issue High
CVE-2023-31606 was published for RedCloth (RubyGems) Jun 6, 2023
trautlein
fast-xml-parser vulnerable to Regex Injection via Doctype Entities High
CVE-2023-34104 was published for fast-xml-parser (npm) Jun 6, 2023
7085 levpachmanov
Liferay Portal has Inefficient Regular Expression Moderate
CVE-2023-33950 was published for com.liferay.portal:release.portal.bom (Maven) May 24, 2023
git-url-parse Regular Expression Denial of Service High
CVE-2023-32758 was published for git-url-parse (pip) May 15, 2023
sqlparse contains a regular expression that is vulnerable to Regular Expression Denial of Service Moderate
CVE-2023-30608 was published for sqlparse (pip) Apr 21, 2023
erik-krogh
Regular Expression Denial of Service in Deno.upgradeWebSocket API Moderate
CVE-2023-26103 was published for deno (Rust) Apr 3, 2023
dellalibera
configobj ReDoS exploitable by developer using values in a server-side configuration file Low
CVE-2023-26112 was published for configobj (pip) Apr 3, 2023
Ruby Time component ReDoS issue High
CVE-2023-28756 was published for time (RubyGems) Mar 31, 2023
Ruby URI component ReDoS issue High
CVE-2023-28755 was published for uri (RubyGems) Mar 31, 2023
angular vulnerable to regular expression denial of service via the $resource service Moderate
CVE-2023-26117 was published for angular (npm) Mar 30, 2023
ProTip! Advisories are also available from the GraphQL API