Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

112 advisories

Loading
SSRF vulnerability in Apache Airflow Moderate
CVE-2020-17513 was published for apache-airflow (pip) Dec 17, 2020
sunSUNQ
Axios vulnerable to Server-Side Request Forgery Moderate
CVE-2020-28168 was published for axios (npm) Jan 4, 2021
Server-side request forgery in CarrierWave Moderate
CVE-2021-21288 was published for carrierwave (RubyGems) Feb 8, 2021
chadwilken phosphore
vrana/adminer vulnerable to SSRF by connecting to privileged ports Moderate
CVE-2018-7667 was published for vrana/adminer (Composer) Feb 11, 2021
SecGus
SSRF in Rendertron Moderate
CVE-2020-8902 was published for rendertron (npm) Mar 1, 2021
SSRF in Sydent due to missing validation of hostnames Moderate
CVE-2021-29431 was published for matrix-sydent (pip) Apr 19, 2021
Server-side request forgery in Ghost CMS Moderate
CVE-2020-8134 was published for ghost (npm) May 6, 2021
Server-Side Request Forgery in yoast_seo Moderate
CVE-2021-31779 was published for yoast-seo-for-typo3/yoast_seo (Composer) May 21, 2021
Server-Side Request Forgery in Plone Moderate
CVE-2021-33510 was published for Plone (pip) Jun 15, 2021
Server-Side Request Forgery in Concrete CMS Moderate
CVE-2021-22969 was published for concrete5/core (Composer) Nov 23, 2021
Server-Side Request Forgery in Concrete CMS Moderate
CVE-2021-22970 was published for concrete5/core (Composer) Nov 23, 2021
Server-Side Request Forgery in ssrf-agent Moderate
CVE-2021-23718 was published for ssrf-agent (npm) Dec 2, 2021
Server side request forgery in SwaggerUI Moderate
GHSA-qrmm-w75w-3wpx was published for Swashbuckle.AspNetCore.SwaggerUI (npm) Dec 9, 2021
dinvlad pshelton-skype
Dingjie-Daniel-Yang
Server-Side Request Forgery in Apache Kylin Moderate
CVE-2021-27738 was published for org.apache.kylin:kylin (Maven) Jan 8, 2022
SSRF vulnerability in jupyter-server-proxy Moderate
CVE-2022-21697 was published for jupyter-server-proxy (pip) Jan 27, 2022
mr-r3bot
Server-Side Request Forgery in calibreweb Moderate
CVE-2022-0339 was published for calibreweb (pip) Feb 1, 2022
RasmusWL
Gitea displaying raw OpenID error in UI Moderate
CVE-2021-45325 was published for github.com/go-gitea/gitea (Go) Feb 9, 2022
Server-Side Request Forgery in @peertube/embed-api Moderate
CVE-2022-0508 was published for @peertube/embed-api (npm) Feb 9, 2022
Server-Side Request Forgery in Karaf Moderate
CVE-2020-11980 was published for org.apache.karaf.management:org.apache.karaf.management.server (Maven) Feb 10, 2022
Server Side Request Forgery (SSRF) in Kubernetes Moderate
CVE-2020-8555 was published for k8s.io/kubernetes (Go) Feb 15, 2022
Server Side Request Forgery in Grafana Moderate
CVE-2020-13379 was published for github.com/grafana/grafana (Go) Feb 15, 2022
SSRF in repository migration Moderate
CVE-2022-0870 was published for gogs.io/gogs (Go) Mar 12, 2022
Spoofing attack in swagger-ui Moderate
CVE-2018-25031 was published for swagger-ui (npm) Mar 12, 2022
ProTip! Advisories are also available from the GraphQL API