Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,467 advisories

Loading
Directory Traversal in gomeplus-h5-proxy High
CVE-2017-16037 was published for gomeplus-h5-proxy (npm) Jul 24, 2018
Directory Traversal in hftp High
CVE-2017-16039 was published for hftp (npm) Jul 24, 2018
ikst Downloads Resources over HTTP High
CVE-2017-16041 was published for ikst (npm) Jul 24, 2018
Directory Traversal in f2e-server High
CVE-2017-16038 was published for f2e-server (npm) Jul 24, 2018
Directory Traversal in node-simple-router High
CVE-2017-16083 was published for node-simple-router (npm) Jul 24, 2018
ReDoS via long UserAgent header in ua-parser High
CVE-2017-16086 was published for ua-parser (npm) Jul 24, 2018
Regular Expression Denial of Service in no-case High
CVE-2017-16099 was published for no-case (npm) Jul 24, 2018
Regular Expression Denial of Service in content High
CVE-2017-16111 was published for content (npm) Jul 24, 2018
ReDoS via long UserAgent header in useragent High
CVE-2017-16030 was published for useragent (npm) Jul 24, 2018
Regular Expression Denial of Service in decamelize High
CVE-2017-16023 was published for decamelize (npm) Jul 24, 2018
Github Token Leak in aegir High
CVE-2017-16225 was published for aegir (npm) Jul 24, 2018
method-override ReDoS when untrusted user input passed into X-HTTP-Method-Override header High
CVE-2017-16136 was published for method-override (npm) Jul 24, 2018
Denial of Service in nes High
CVE-2017-16025 was published for nes (npm) Jul 24, 2018
Regular Expression Denial of Service in marked High
CVE-2017-16114 was published for marked (npm) Jul 24, 2018
Regular Expression Denial of Service in parsejson High
CVE-2017-16113 was published for parsejson (npm) Jul 24, 2018
Regular Expression Denial of Service in tough-cookie High
CVE-2017-15010 was published for tough-cookie (npm) Jul 24, 2018
tdunlap607
Regular Expression Denial of Service in string package High
CVE-2017-16116 was published for string (npm) Jul 24, 2018
Regular Expression Denial of Service in forwarded High
CVE-2017-16118 was published for forwarded (npm) Jul 24, 2018
Regular Expression Denial of Service in fresh High
CVE-2017-16119 was published for fresh (npm) Jul 24, 2018
Path Traversal in localhost-now High
CVE-2018-3729 was published for localhost-now (npm) Jul 25, 2018
Prototype Pollution in mixin-deep High
CVE-2018-3719 was published for mixin-deep (npm) Jul 26, 2018
Prototype Pollution in assign-deep High
CVE-2018-3720 was published for assign-deep (npm) Jul 26, 2018
Prototype Pollution in merge-deep High
CVE-2018-3722 was published for merge-deep (npm) Jul 26, 2018
Prototype Pollution in defaults-deep High
CVE-2018-3723 was published for defaults-deep (npm) Jul 26, 2018
seng1e
Path Traversal in general-file-server High
CVE-2018-3724 was published for general-file-server (npm) Jul 26, 2018
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database