GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

2,984 advisories

Denial of Service in node-static Moderate
GHSA-8r4g-cg4m-x23c was published for node-static (npm) Sep 22, 2021
@nubosoftware/node-static failure to catch exception can result in server crash High
CVE-2025-11149 was published for @nubosoftware/node-static (npm) Sep 30, 2025
Credited to lirantal
github.com/MANTRA-Chain/mantrachain/x/tokenfactory tx gas limit is not enforced in send hooks High
CVE-2025-61595 was published for github.com/MANTRA-Chain/mantrachain (Go) Sep 30, 2025
Credited to Hellobloc
Elasticsearch Uncontrolled Resource Consumption Vulnerability Moderate
CVE-2024-52979 was published for org.elasticsearch:elasticsearch (Maven) May 1, 2025
Finance.js vulnerable to DoS via the seekZero() parameter High
CVE-2025-56572 was published for financejs (npm) Sep 30, 2025
Uncontrolled Resource Consumption in Spray JSON Moderate
CVE-2018-18855 was published for io.spray:spray-json_2.10 (Maven) Jun 28, 2022
Regular Expression Denial of Service (ReDoS) in lodash Moderate
CVE-2020-28500 was published for lodash (RubyGems) Jan 6, 2022
Credited to mitchell-codecov, nitaiapiiro, DmitriyLewen, jkmartindale, G-Rath, and levpachmanov
Regular Expression Denial of Service (ReDoS) in lodash Moderate
CVE-2019-1010266 was published for lodash (RubyGems) Jul 19, 2019
Credited to mitchell-codecov, G-Rath, and levpachmanov
apidoc-core is vulnerable to prototype pollution High
CVE-2025-57317 was published for apidoc-core (npm) Sep 25, 2025
Credited to cai0duque
Credited to kwkr, jeremyevans, and ioquatix