Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
40
Go
2,954
Maven
5,000+
npm
4,606
NuGet
787
pip
4,305
Pub
12
RubyGems
984
Rust
1,121
Swift
49
Unreviewed advisories
All unreviewed
5,000+

11 advisories

Loading
PyPDF2 vulnerable to possible Infinite Loop when reading malformed objects Moderate
CVE-2023-36807 was published for PyPDF2 (pip) Jun 30, 2023
MartinThoma
Credited to MartinThoma
pypdf and PyPDF2 possible Infinite Loop when a comment isn't followed by a character Moderate
CVE-2023-36464 was published for PyPDF2 (pip) Jun 30, 2023
exiledkingcc
Credited to exiledkingcc
Possible Infinite Loop when PdfWriter(clone_from) is used with a PDF Moderate
CVE-2023-46250 was published for pypdf (pip) Oct 31, 2023
Alexhuszagh
Credited to Alexhuszagh
Manipulated inline images can cause Infinite Loop in PyPDF2 Moderate
CVE-2022-24859 was published for PyPDF2 (pip) Apr 22, 2022
Use of "infinity" as an input to datetime and date fields causes infinite loop in pydantic Moderate
CVE-2021-29510 was published for pydantic (pip) May 13, 2021
nina-j bluetech
Credited to nina-j and bluetech
Infinite loop in TFLite Moderate
CVE-2021-37686 was published for tensorflow (pip) Aug 25, 2021
Designate does not enforce the DNS protocol limit concerning record set sizes Moderate
CVE-2015-5694 was published for designate (pip) May 24, 2022
OctoPrint Vulnerable to Denial of Service through malformed HTTP request in OctoPrint Moderate
CVE-2025-48879 was published for OctoPrint (pip) Jun 10, 2025
jacopotediosi
Credited to jacopotediosi
zipp Denial of Service vulnerability Moderate
CVE-2024-5569 was published for zipp (pip) Jul 9, 2024
AIOHTTP vulnerable to DoS when bypassing asserts Moderate
CVE-2025-69227 was published for aiohttp (pip) Jan 5, 2026
ThomasRinsma
Credited to ThomasRinsma
pypdf has possible Infinite Loop when processing outlines/bookmarks Moderate
CVE-2026-24688 was published for pypdf (pip) Jan 26, 2026
JoakimBulow stefan6419846
Credited to JoakimBulow and stefan6419846
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database