Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,950
Erlang
39
GitHub Actions
38
Go
2,605
Maven
5,000+
npm
4,250
NuGet
756
pip
4,016
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

6 advisories

Loading
Multer vulnerable to Denial of Service via unhandled exception from malformed request High
CVE-2025-7338 was published for multer (npm) Jul 17, 2025
ctcpip UlisesGascon
LinusU
Credited to ctcpip, UlisesGascon, and LinusU
Multer vulnerable to Denial of Service via unhandled exception High
CVE-2025-48997 was published for multer (npm) Jun 5, 2025
bjohansebas ctcpip
Markiz9999 UlisesGascon wesleytodd LinusU
Credited to bjohansebas, ctcpip, Markiz9999, UlisesGascon, wesleytodd, and LinusU
Multer vulnerable to Denial of Service from maliciously crafted requests High
CVE-2025-47944 was published for multer (npm) May 19, 2025
max-mathieu wesleytodd
ctcpip UlisesGascon marco-ippolito jonchurch
Credited to max-mathieu, wesleytodd, ctcpip, UlisesGascon, marco-ippolito, and jonchurch
Multer vulnerable to Denial of Service via memory leaks from unclosed streams High
CVE-2025-47935 was published for multer (npm) May 19, 2025
ctcpip UlisesGascon
UnlimitedBytes
Credited to ctcpip, UlisesGascon, and UnlimitedBytes
basic-auth-connect's callback uses time unsafe string comparison High
CVE-2024-47178 was published for basic-auth-connect (npm) Sep 30, 2024
UlisesGascon ctcpip
AdamKorcz blakeembrey
Credited to UlisesGascon, ctcpip, AdamKorcz, and blakeembrey
body-parser vulnerable to denial of service when url encoding is enabled High
CVE-2024-45590 was published for body-parser (npm) Sep 10, 2024
AdamKorcz UlisesGascon
ctcpip wesleytodd
Credited to AdamKorcz, UlisesGascon, ctcpip, and wesleytodd
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database