GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
24 advisories
Filter by severity
Authenticated Server Side Request Forgery
Low
GHSA-8pfh-mm2g-hmc3
was published
for
shopware/core
(Composer)
Dec 21, 2020
In ArangoDB, versions v3.7.0 through v3.9.0-alpha.1 have a feature which allows downloading a...
Low
Unreviewed
CVE-2021-25939
was published
Feb 10, 2022
Harbor is vulnerable to a limited Server-Side Request Forgery (SSRF) (CVE-2020-13788)
Low
CVE-2020-13788
was published
for
github.com/goharbor/harbor
(Go)
Feb 11, 2022
SSRF in editor's proxy via IPv6 link-local address in GitHub repository jgraph/drawio prior to 18...
Low
Unreviewed
CVE-2022-1722
was published
May 17, 2022
IBM Forms Experience Builder could be susceptible to a server-side request forgery (SSRF) from...
Low
Unreviewed
CVE-2016-6001
was published
May 17, 2022
IBM QRadar SIEM 7.4.2 GA to 7.4.2 Patch 1, 7.4.0 to 7.4.1 Patch 1, and 7.3.0 to 7.3.3 Patch 5 is...
Low
Unreviewed
CVE-2020-4787
was published
May 24, 2022
A flaw was found in Ansible Tower in versions before 3.7.2. A Server Side Request Forgery flaw...
Low
Unreviewed
CVE-2020-14328
was published
May 24, 2022
The Mailchimp for WooCommerce WordPress plugin before 2.7.2 has an AJAX action that allows high...
Low
Unreviewed
CVE-2022-2556
was published
Aug 29, 2022
A vulnerability has been found in Dahua Smart Parking Management up to 20230528 and classified as...
Low
Unreviewed
CVE-2023-3121
was published
Jun 6, 2023
External service lookups for a number of protocols were vulnerable to a time-of-check/time-of-use...
Low
Unreviewed
CVE-2023-26438
was published
Aug 2, 2023
In case Cacheservice was configured to use a sproxyd object-storage backend, it would follow HTTP...
Low
Unreviewed
CVE-2023-26442
was published
Aug 2, 2023
Server-Side Request Forgery (SSRF) in GitHub repository bookstackapp/bookstack prior to v23.08.
Low
Unreviewed
CVE-2023-4624
was published
Aug 30, 2023
Artifact Hub allows unsafe rego built-in
Low
CVE-2023-45822
was published
for
github.com/artifacthub/hub
(Go)
Oct 19, 2023
google-translate-api-browser Server-Side Request Forgery (SSRF) Vulnerability
Low
CVE-2023-48711
was published
for
google-translate-api-browser
(npm)
Nov 27, 2023
Authenticated Blind SSRF in automad/automad
Low
CVE-2023-7037
was published
for
automad/automad
(Composer)
Dec 21, 2023
The WP RSS Aggregator plugin for WordPress is vulnerable to Server-Side Request Forgery in all...
Low
Unreviewed
CVE-2024-0628
was published
Feb 7, 2024
NPM IP package incorrectly identifies some private IP addresses as public
Low
CVE-2023-42282
was published
for
ip
(npm)
Feb 8, 2024
langchain Server-Side Request Forgery vulnerability
Low
CVE-2024-0243
was published
for
langchain
(pip)
Feb 26, 2024
An issue in open-emr before v.7.0.2 allows a remote attacker to escalate privileges via a crafted...
Low
Unreviewed
CVE-2024-26476
was published
Feb 29, 2024
Apache CXF: SSRF vulnerability via WADL stylesheet parameter
Low
CVE-2024-29736
was published
for
org.apache.cxf:cxf-rt-rs-service-description
(Maven)
Jul 19, 2024
Trufflehog vulnerable to Blind SSRF in some Detectors
Low
CVE-2024-43379
was published
for
github.com/trufflesecurity/trufflehog/v3
(Go)
Aug 19, 2024
Mattermost versions 9.5.x <= 9.5.8 fail to include the metadata endpoints of Oracle Cloud and...
Low
Unreviewed
CVE-2024-45843
was published
Sep 26, 2024
Northern.tech Hosted Mender before 2024.07.11 allows SSRF.
Low
Unreviewed
CVE-2024-47190
was published
Nov 8, 2024
QOS.CH logback-core Server-Side Request Forgery vulnerability
Low
CVE-2024-12801
was published
for
ch.qos.logback:logback-core
(Maven)
Dec 19, 2024
ProTip!
Advisories are also available from the
GraphQL API