GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
40 advisories
Filter by severity
mofh Vulnerable to Improper Restriction of XML External Entity Reference
Moderate
GHSA-7r9x-qrpr-3cxw
was published
for
mofh
(pip)
Aug 11, 2022
XML External Entities Vulnerability in CVRF-CSAF-Converter
Moderate
CVE-2022-27193
was published
for
cvrf2csaf
(pip)
Mar 16, 2022
MEI2Volpiano is vulnerable to XML External Entity (XXE), leading to a Denial of Service (DoS)
High
CVE-2022-37189
was published
for
mei2volpiano
(pip)
Sep 8, 2022
Duplicate Advisory: Improper Restriction of XML External Entity Reference in pikepdf
Critical
CVE-2021-46849
was published
for
pikepdf
(pip)
Oct 24, 2022
•
withdrawn
SOAPpy vulnerable to XML External Entity attacks
Moderate
CVE-2014-3242
was published
for
SOAPpy
(pip)
May 17, 2022
Improper Restriction of XML External Entity Reference in trytond and proteus
Moderate
CVE-2022-26661
was published
for
proteus
(pip)
Mar 11, 2022
weixin-python XML External Entity vulnerability
Critical
CVE-2018-25082
was published
for
weixin-python
(pip)
Mar 21, 2023
requests-xml XML External Entity Injection vulnerability
High
CVE-2020-26708
was published
for
requests-xml
(pip)
Jun 29, 2023
easy-parse XML External Entity Injection vulnerability
High
CVE-2020-26710
was published
for
easy-parse
(pip)
Jun 29, 2023
py-xml XML External Entity Injection vulnerability
High
CVE-2020-26709
was published
for
py-xml
(pip)
Jun 29, 2023
fonttools XML External Entity Injection (XXE) Vulnerability
High
CVE-2023-45139
was published
for
fonttools
(pip)
Jan 9, 2024
OpenStack Swift XML external entities (XXE) Injection
Moderate
CVE-2022-47950
was published
for
swift
(pip)
Jan 18, 2023
XML Entity Expansion (XEE) in Django
Moderate
CVE-2013-1664
was published
for
Django
(pip)
May 17, 2022
XML External Entity (XXE) in Django
Moderate
CVE-2013-1665
was published
for
Django
(pip)
May 17, 2022
ebookmeta XML External Entity vulnerability
High
CVE-2024-36827
was published
for
ebookmeta
(pip)
Jun 7, 2024
feedparser denial of service vulnerability
High
CVE-2012-2921
was published
for
feedparser
(pip)
Jul 24, 2018
XML External Entity Reference in Glances
Moderate
CVE-2021-23418
was published
for
Glances
(pip)
Aug 9, 2021
OpenStack Nova Live migration fails to update persistent domain XML
High
CVE-2020-17376
was published
for
nova
(pip)
May 24, 2022
Improper Restriction of XML External Entity Reference in ladon
Critical
CVE-2019-1010268
was published
for
ladon
(pip)
Jul 26, 2019
OWSLib vulnerable to XML External Entity (XXE) Injection
High
CVE-2023-27476
was published
for
OWSLib
(pip)
Mar 7, 2023
Improper Restriction of XML External Entity Reference in Openpyxl
Moderate
CVE-2017-5992
was published
for
openpyxl
(pip)
May 17, 2022
Improper Restriction of XML External Entity Reference in pikepdf
High
CVE-2021-29421
was published
for
pikepdf
(pip)
Apr 20, 2021
Improper Restriction of XML External Entity Reference in Plone
High
CVE-2020-28736
was published
for
Plone
(pip)
Apr 7, 2021
Improper Restriction of XML External Entity Reference in Quokka
Critical
CVE-2020-18703
was published
for
quokka
(pip)
Aug 30, 2021
ProTip!
Advisories are also available from the
GraphQL API