Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,819
Erlang
36
GitHub Actions
32
Go
2,410
Maven
5,000+
npm
4,046
NuGet
723
pip
3,842
Pub
12
RubyGems
933
Rust
1,003
Swift
38
Unreviewed advisories
All unreviewed
5,000+

5 advisories

Loading
http-proxy-middleware allows fixRequestBody to proceed even if bodyParser has failed Moderate
CVE-2025-32997 was published for http-proxy-middleware (npm) Apr 15, 2025
sealonohana
http-proxy-middleware can call writeBody twice because "else if" is not used Moderate
CVE-2025-32996 was published for http-proxy-middleware (npm) Apr 15, 2025
sealonohana
find-my-way has a ReDoS vulnerability in multiparametric routes High
CVE-2024-45813 was published for find-my-way (npm) Sep 18, 2024
blakeembrey mcollina
sealonohana
Apache Avro Java SDK vulnerable to Improper Input Validation High
CVE-2023-39410 was published for org.apache.avro:avro (Maven) Sep 29, 2023
sealonohana
glob-parent vulnerable to Regular Expression Denial of Service in enclosure regex High
CVE-2020-28469 was published for glob-parent (npm) Jun 7, 2021
sealonohana
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database