Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

43 advisories

Loading
Insecure Comparison in secure-compare High
CVE-2015-9238 was published for secure-compare (npm) Jun 3, 2019
tdunlap607
Timing attack on HMAC signature comparison in Apache Tapestry Critical
CVE-2019-10071 was published for org.apache.tapestry:tapestry-core (Maven) Sep 26, 2019
False-negative validation results in MINT transactions with invalid baton Critical
CVE-2020-11071 was published for slpjs (npm) May 12, 2020
False-negative validation results in MINT transactions with invalid baton Critical
CVE-2020-11072 was published for slp-validate (npm) May 12, 2020
False-positive validity for NFT1 genesis transactions in SLPJS Critical
CVE-2020-15130 was published for slpjs (npm) Jul 30, 2020
False-positive validity for NFT1 genesis transactions Critical
CVE-2020-15131 was published for slp-validate (npm) Jul 30, 2020
Logic error in authentication in proxy.py High
CVE-2021-3116 was published for proxy.py (pip) Apr 7, 2021
Incorrect Regular Expression in RestSharp High
CVE-2021-27293 was published for RestSharp (NuGet) Jul 14, 2021
Regular expression denial of service in react-native High
CVE-2020-1920 was published for react-native (npm) Jul 20, 2021
Incorrect Comparison in sodiumoxide Critical
CVE-2019-25002 was published for sodiumoxide (Rust) Aug 25, 2021
ruuda
Inefficient Regular Expression Complexity in chalk/ansi-regex High
CVE-2021-3807 was published for ansi-regex (npm) Sep 20, 2021
MylesBorins cji-stripe
G-Rath
Inefficient Regular Expression Complexity in vuelidate High
CVE-2021-3794 was published for @vuelidate/validators (npm) Sep 20, 2021
madcatone
Regular Expression Denial of Service in Leo Editor High
CVE-2020-23478 was published for leo (pip) Sep 23, 2021
NLTK Vulnerable to REDoS High
CVE-2021-3828 was published for nltk (pip) Sep 29, 2021
Regular Expression Denial of Service in jsoneditor Moderate
CVE-2021-3822 was published for jsoneditor (npm) Sep 29, 2021
github.com/tidwall/gjson Vulnerable to REDoS attack High
CVE-2021-42836 was published for github.com/tidwall/gjson (Go) Oct 25, 2021
Incorrect Comparison in NumPy Moderate
CVE-2021-34141 was published for numpy (pip) Dec 18, 2021
Incorrect Comparison in cvxopt High
CVE-2021-41500 was published for cvxopt (pip) Jan 7, 2022
Incorrect Comparison in Vyper High
GHSA-7vrm-3jc8-5wwm was published for vyper (pip) Apr 4, 2022
Knock Knock plugin IP Whitelist bypass via an X-Forwarded-For HTTP header Critical
CVE-2020-13485 was published for verbb/knock-knock (Composer) May 24, 2022
Codiad Vulnerable to PHP Magic Hash Vulnerability High
CVE-2020-23355 was published for codiad/codiad (Composer) May 24, 2022
JetBrains Ktor before 2.1.0 was vulnerable to a Reflect File Download attack Moderate
CVE-2022-38179 was published for io.ktor:ktor (Maven) Aug 13, 2022
Regular expression denial of service in eth-account Moderate
CVE-2022-1930 was published for eth-account (pip) Aug 23, 2022
uri-template-lite Regular Expression Denial of Service Moderate
CVE-2021-43309 was published for uri-template-lite (npm) Aug 25, 2022
marfoldi
TensorFlow has Floating Point Exception in TFLite in conv kernel High
CVE-2023-27579 was published for tensorflow (pip) Mar 24, 2023
ProTip! Advisories are also available from the GraphQL API