Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

105 advisories

Loading
Denial of Service in Page Error Handling Moderate
CVE-2021-21359 was published for typo3/cms (Composer) Mar 23, 2021
derhansen
Uncontrolled Recursion in SurrealQL Parsing Moderate
GHSA-6r8p-hpg7-825g was published for surrealdb (Rust) Jan 18, 2024
Jenkins Token Macro Plugin's recursive token expansion results in information disclosure and DoS Moderate
CVE-2019-1003011 was published for org.jenkins-ci.plugins:token-macro (Maven) May 13, 2022
Denial of service caused by infinite recursion when parsing SVG document Moderate
CVE-2023-50251 was published for phenx/php-svg-lib (Composer) Dec 13, 2023
cod3beat
MuPDF v1.21.1 was discovered to contain an infinite recursion in the component pdf_mark_list_push... Moderate Unreviewed
CVE-2023-31794 was published Oct 31, 2023
A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG) plugin through 1.9.4 for... Moderate Unreviewed
CVE-2019-18854 was published May 24, 2022
A stack consumption issue is present in libyang before v1.0-r1 due to the self-referential union... Moderate Unreviewed
CVE-2019-20395 was published May 24, 2022
In QPDF 8.2.1, in libqpdf/QPDFWriter.cc, QPDFWriter::unparseObject and QPDFWriter::unparseChild... Moderate Unreviewed
CVE-2018-18020 was published May 13, 2022
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively... Moderate Unreviewed
CVE-2022-31628 was published Sep 29, 2022
Uncontrolled Recursion in HTTP2ToRawGRPCServerCodec Moderate
CVE-2021-36154 was published for github.com/grpc/grpc-swift (Swift) May 22, 2023
Uncontrolled recursion leads to abort in deserialization Moderate
GHSA-39vw-qp34-rmwf was published for serde_yaml (Rust) Aug 25, 2021
Uncontrolled Recursion in GitHub repository gpac/gpac prior to 2.1.0-DEV. Moderate Unreviewed
CVE-2022-3222 was published Sep 16, 2022
GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 has a segment fault (/stack overflow) due to infinite... Moderate Unreviewed
CVE-2022-47662 was published Jan 5, 2023
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. Moderate Unreviewed
CVE-2022-1771 was published May 19, 2022
A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial... Moderate Unreviewed
CVE-2021-3997 was published Aug 24, 2022
An issue was discovered in the Linux kernel before 5.8. lib/nlattr.c allows attackers to cause a... Moderate Unreviewed
CVE-2020-36691 was published Mar 24, 2023
LibSass 3.5.4 allows attackers to cause a denial-of-service (uncontrolled recursion in Sass:... Moderate Unreviewed
CVE-2018-20822 was published May 24, 2022
The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service ... Moderate Unreviewed
CVE-2018-20821 was published May 24, 2022
Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of recursion in regparse.c. Moderate Unreviewed
CVE-2019-16163 was published May 24, 2022
find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as... Moderate Unreviewed
CVE-2019-17450 was published May 24, 2022
In dotCMS 5.x-22.06, it is possible to call the TempResource multiple times, each time requesting... Moderate Unreviewed
CVE-2022-37034 was published Feb 2, 2023
The comment function in YzmCMS v6.3 was discovered as being able to be operated concurrently,... Moderate Unreviewed
CVE-2022-23889 was published Jan 29, 2022
GCC v12.0 was discovered to contain an uncontrolled recursion via the component libiberty/rust... Moderate Unreviewed
CVE-2021-46195 was published Jan 15, 2022
libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c,... Moderate Unreviewed
CVE-2020-12825 was published May 24, 2022
pdf_load_obj_stm in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 could reference the object stream... Moderate Unreviewed
CVE-2018-6544 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database