Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

10 advisories

Loading
Infinite loop causing Denial of Service in colors High
GHSA-5rqg-jm4f-cqx7 was published for Colors (npm) Jan 10, 2022
G-Rath
Infinite loop in jpeg-js High
CVE-2022-25851 was published for jpeg-js (npm) Jun 11, 2022
file-type vulnerable to Infinite Loop via malformed MKV file High
CVE-2022-36313 was published for file-type (npm) Jul 22, 2022
kiskoza ItalyPaleAle
cumulative-distribution-function Infinite Loop vulnerability High
CVE-2021-29486 was published for cumulative-distribution-function (npm) May 4, 2021
Infinite Loop in colors.js High
CVE-2021-23567 was published for colors (npm) Jan 21, 2022
Improper calculations in ECC implementation can trigger a Denial-of-Service (DoS) High
CVE-2023-25653 was published for node-jose (npm) Feb 16, 2023
justaugustus bifurcation
Predictable results in nanoid generation when given non-integer values Moderate
CVE-2024-55565 was published for nanoid (npm) Dec 9, 2024
krassowski katzj
CrzyHAX91
Infinite loop and Blind SSRF found inside the Webfinger mechanism in @fedify/fedify Moderate
CVE-2025-23221 was published for @fedify/fedify (npm) Jan 21, 2025
nnfrog
In Azle, calling `setTimer` causes infinite loop of timers High
CVE-2025-29776 was published for azle (npm) Mar 14, 2025
ts-asn1-der has Incorrect DER Encoding of Numbers Leading to Denial of Service and Incorrect Value Representation Moderate
CVE-2025-32029 was published for @apeleghq/asn1-der (npm) Apr 7, 2025
ProTip! Advisories are also available from the GraphQL API