Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

39 advisories

Loading
ebookmeta XML External Entity vulnerability High
CVE-2024-37388 was published for ebookmeta (pip) Jun 7, 2024
SVGlib Vulnerable to XXE Attacks Critical
CVE-2020-10799 was published for svglib (pip) May 6, 2021
Improper Restriction of XML External Entity Reference in python-docx High
CVE-2016-5851 was published for python-docx (pip) May 13, 2022
tdunlap607
XML External Entity Injection in PyWPS High
CVE-2021-39371 was published for pywps (pip) Sep 2, 2021
tdunlap607
PySAML2 XML external entity attack Critical
CVE-2016-10127 was published for pysaml2 (pip) May 17, 2022
jhutchings1
Pysaml2 does not sanitize XML responses High
CVE-2016-10149 was published for pysaml2 (pip) Jul 16, 2018
PyAMF vulnerable to XML external entity (XXE) High
CVE-2015-8549 was published for pyamf (pip) May 24, 2022
Improper Restriction of XML External Entity Reference in Plone High
CVE-2020-28734 was published for Plone (pip) Apr 7, 2021
Improper Restriction of XML External Entity Reference in Quokka Critical
CVE-2020-18705 was published for quokka (pip) Aug 30, 2021
Improper Restriction of XML External Entity Reference in Quokka Critical
CVE-2020-18703 was published for quokka (pip) Aug 30, 2021
Improper Restriction of XML External Entity Reference in Plone High
CVE-2020-28736 was published for Plone (pip) Apr 7, 2021
XXE in petl High
CVE-2020-29128 was published for petl (pip) Dec 2, 2020
nvn1729
Improper Restriction of XML External Entity Reference in pikepdf High
CVE-2021-29421 was published for pikepdf (pip) Apr 20, 2021
Improper Restriction of XML External Entity Reference in Openpyxl Moderate
CVE-2017-5992 was published for openpyxl (pip) May 17, 2022
chenghlee
OWSLib vulnerable to XML External Entity (XXE) Injection High
CVE-2023-27476 was published for OWSLib (pip) Mar 7, 2023
jorgectf
Improper Restriction of XML External Entity Reference in ladon Critical
CVE-2019-1010268 was published for ladon (pip) Jul 26, 2019
OpenStack Nova Live migration fails to update persistent domain XML High
CVE-2020-17376 was published for nova (pip) May 24, 2022
XML External Entity Reference in Glances Moderate
CVE-2021-23418 was published for Glances (pip) Aug 9, 2021
XML External Entity vulnerability in Easy-XML Critical
CVE-2020-26705 was published for easy-xml (pip) Nov 1, 2021
feedparser denial of service vulnerability High
CVE-2012-2921 was published for feedparser (pip) Jul 24, 2018
ebookmeta XML External Entity vulnerability High
CVE-2024-36827 was published for ebookmeta (pip) Jun 7, 2024
GeoServer style upload functionality vulnerable to XML External Entity (XXE) injection Moderate
CVE-2023-26043 was published for GeoNode (pip) Aug 30, 2024
jorgectf
Guardrails AI vulnerable to Improper Restriction of XML External Entity Reference Moderate
CVE-2024-6961 was published for guardrails-ai (pip) Jul 21, 2024
XML External Entity (XXE) in Django Moderate
CVE-2013-1665 was published for Django (pip) May 17, 2022
MarkLee131
XML Entity Expansion (XEE) in Django Moderate
CVE-2013-1664 was published for Django (pip) May 17, 2022
MarkLee131
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database