GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
220 advisories
Scrapy vulnerable to ReDoS via XMLFeedSpider
High
CVE-2024-1892
was published
for
scrapy
(pip)
Feb 15, 2024
org.keycloak:keycloak-services has Inefficient Regular Expression Complexity
High
CVE-2024-10270
was published
for
org.keycloak:keycloak-services
(Maven)
Nov 25, 2024
configobj ReDoS exploitable by developer using values in a server-side configuration file
Low
CVE-2023-26112
was published
for
configobj
(pip)
Apr 3, 2023
semver vulnerable to Regular Expression Denial of Service
High
CVE-2022-25883
was published
for
semver
(npm)
Jun 21, 2023
Unpatched `path-to-regexp` ReDoS in 0.1.x
Moderate
CVE-2024-52798
was published
for
path-to-regexp
(npm)
Dec 5, 2024
Regular Expression Denial of Service (ReDoS) in @eslint/plugin-kit
Low
CVE-2024-21539
was published
for
@eslint/plugin-kit
(npm)
Nov 15, 2024
Regular Expression Denial of Service (ReDoS) in cross-spawn
High
CVE-2024-21538
was published
for
cross-spawn
(npm)
Nov 8, 2024
Wagtail regular expression denial-of-service via search query parsing
High
CVE-2024-39317
was published
for
wagtail
(pip)
Jul 11, 2024
ReDoS in giskard's transformation.py (GHSL-2024-324)
Moderate
CVE-2024-52524
was published
for
giskard
(pip)
Nov 14, 2024
Regular expression denial of service in jquery-validation
Low
CVE-2021-43306
was published
for
jquery-validation
(npm)
Jun 3, 2022
Rack ReDoS Vulnerability in HTTP Accept Headers Parsing
Moderate
CVE-2024-39316
was published
for
rack
(RubyGems)
Jul 3, 2024
ProTip!
Advisories are also available from the
GraphQL API