Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,051
Erlang
29
GitHub Actions
19
Go
1,887
Maven
5,000+
npm
3,602
NuGet
638
pip
3,205
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

119 advisories

Loading
regular expression denial-of-service (ReDoS) in Bleach High
CVE-2020-6817 was published for bleach (pip) Mar 30, 2020
python-jose denial of service via compressed JWE content Moderate
CVE-2024-33664 was published for python-jose (pip) Apr 26, 2024
garyd203
Fiona affected by CVE-2020-14152 related to madler-zlib High
GHSA-g4m4-9q4c-mfw6 was published for fiona (pip) Jul 16, 2024
sgillies
zipp Denial of Service vulnerability Moderate
CVE-2024-5569 was published for zipp (pip) Jul 9, 2024
Django memory consumption vulnerability Moderate
CVE-2024-41989 was published for Django (pip) Aug 7, 2024
Internationalized Domain Names in Applications (IDNA) vulnerable to denial of service from specially crafted inputs to idna.encode Moderate
CVE-2024-3651 was published for idna (pip) Apr 11, 2024
guidovranken
Django Denial-of-service in django.utils.text.Truncator High
CVE-2019-14232 was published for django (pip) Aug 6, 2019
OpenStack Storlets arbitrary code execution vulnerability High
CVE-2024-28717 was published for storlets (pip) Apr 22, 2024
Ryu Infinite Loop vulnerability High
CVE-2024-34483 was published for ryu (pip) May 5, 2024
h2o vulnerable to unexpected POST request shutting down server High
CVE-2024-5979 was published for h2o (pip) Jun 27, 2024
Apache Superset uncontrolled resource consumption Moderate
CVE-2023-46104 was published for apache-superset (pip) Dec 19, 2023
Duplicate Advisory: Apache Superset uncontrolled resource consumption Moderate
CVE-2024-23952 was published for apache-superset (pip) May 30, 2024 withdrawn
Improper line feed handling in zenml Moderate
CVE-2024-4460 was published for zenml (pip) Jun 24, 2024
Denial of service in langchain-community Moderate
CVE-2024-2965 was published for langchain-community (pip) Jun 6, 2024
eyurtsev efriis
Django Regex Algorithmic Complexity Causes Denial of Service Moderate
CVE-2009-3695 was published for Django (pip) May 2, 2022
DoS with algorithms that use PBKDF2 due to unbounded PBES2 Count value Moderate
CVE-2023-6681 was published for jwcrypto (pip) Dec 28, 2023
Django vulnerable to Denial of Service via i18n middleware component Low
CVE-2007-5712 was published for Django (pip) May 1, 2022
MarkLee131
Django contains Uncontrolled Resource Consumption via cached header High
CVE-2023-23969 was published for django (pip) Feb 1, 2023
MarkLee131
Django Denial of Service Vulnerability in the authentication framework Moderate
CVE-2013-1443 was published for django (pip) May 17, 2022
openstack-neutron uncontrolled resource consumption flaw Moderate
CVE-2022-3277 was published for neutron (pip) Mar 7, 2023
OpenStack Nova DoS by rebuilding the same instance with a new image multiple times High
CVE-2017-17051 was published for nova (pip) May 13, 2022
Withdrawn: scipy memory leak vulnerability Moderate
CVE-2023-25399 was published for scipy (pip) Jul 5, 2023 withdrawn
Django Denial-of-service in django.utils.text.Truncator Moderate
CVE-2023-43665 was published for django (pip) Nov 3, 2023
Trac reStructuredText breach of privacy and denial of service vulnerability Moderate
CVE-2006-3695 was published for trac (pip) May 1, 2022
SaltStack Salt Denial of Service via a crafted authentication request High
CVE-2017-14696 was published for salt (pip) May 17, 2022
ProTip! Advisories are also available from the GraphQL API