Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,030
Maven
5,000+
npm
3,732
NuGet
662
pip
3,409
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+

40 advisories

Loading
mofh Vulnerable to Improper Restriction of XML External Entity Reference Moderate
GHSA-7r9x-qrpr-3cxw was published for mofh (pip) Aug 11, 2022
XML External Entities Vulnerability in CVRF-CSAF-Converter Moderate
CVE-2022-27193 was published for cvrf2csaf (pip) Mar 16, 2022
MEI2Volpiano is vulnerable to XML External Entity (XXE), leading to a Denial of Service (DoS) High
CVE-2022-37189 was published for mei2volpiano (pip) Sep 8, 2022
Duplicate Advisory: Improper Restriction of XML External Entity Reference in pikepdf Critical
CVE-2021-46849 was published for pikepdf (pip) Oct 24, 2022 withdrawn
SOAPpy vulnerable to XML External Entity attacks Moderate
CVE-2014-3242 was published for SOAPpy (pip) May 17, 2022
Improper Restriction of XML External Entity Reference in trytond and proteus Moderate
CVE-2022-26661 was published for proteus (pip) Mar 11, 2022
weixin-python XML External Entity vulnerability Critical
CVE-2018-25082 was published for weixin-python (pip) Mar 21, 2023
requests-xml XML External Entity Injection vulnerability High
CVE-2020-26708 was published for requests-xml (pip) Jun 29, 2023
easy-parse XML External Entity Injection vulnerability High
CVE-2020-26710 was published for easy-parse (pip) Jun 29, 2023
py-xml XML External Entity Injection vulnerability High
CVE-2020-26709 was published for py-xml (pip) Jun 29, 2023
fonttools XML External Entity Injection (XXE) Vulnerability High
CVE-2023-45139 was published for fonttools (pip) Jan 9, 2024
acornall
OpenStack Swift XML external entities (XXE) Injection Moderate
CVE-2022-47950 was published for swift (pip) Jan 18, 2023
XML Entity Expansion (XEE) in Django Moderate
CVE-2013-1664 was published for Django (pip) May 17, 2022
MarkLee131
XML External Entity (XXE) in Django Moderate
CVE-2013-1665 was published for Django (pip) May 17, 2022
MarkLee131
ebookmeta XML External Entity vulnerability High
CVE-2024-36827 was published for ebookmeta (pip) Jun 7, 2024
feedparser denial of service vulnerability High
CVE-2012-2921 was published for feedparser (pip) Jul 24, 2018
XML External Entity Reference in Glances Moderate
CVE-2021-23418 was published for Glances (pip) Aug 9, 2021
OpenStack Nova Live migration fails to update persistent domain XML High
CVE-2020-17376 was published for nova (pip) May 24, 2022
Improper Restriction of XML External Entity Reference in ladon Critical
CVE-2019-1010268 was published for ladon (pip) Jul 26, 2019
OWSLib vulnerable to XML External Entity (XXE) Injection High
CVE-2023-27476 was published for OWSLib (pip) Mar 7, 2023
jorgectf
Improper Restriction of XML External Entity Reference in Openpyxl Moderate
CVE-2017-5992 was published for openpyxl (pip) May 17, 2022
chenghlee
Improper Restriction of XML External Entity Reference in pikepdf High
CVE-2021-29421 was published for pikepdf (pip) Apr 20, 2021
XXE in petl High
CVE-2020-29128 was published for petl (pip) Dec 2, 2020
nvn1729
Improper Restriction of XML External Entity Reference in Plone High
CVE-2020-28736 was published for Plone (pip) Apr 7, 2021
Improper Restriction of XML External Entity Reference in Quokka Critical
CVE-2020-18703 was published for quokka (pip) Aug 30, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database