Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,780
Erlang
36
GitHub Actions
29
Go
2,344
Maven
5,000+
npm
3,973
NuGet
719
pip
3,770
Pub
12
RubyGems
923
Rust
978
Swift
38
Unreviewed advisories
All unreviewed
5,000+

479 advisories

Loading
Server-side request forgery (SSRF) in Apache Batik High
CVE-2020-11987 was published for org.apache.xmlgraphics:batik-svgbrowser (Maven) Jan 6, 2022
jkmartindale
Server-side request forgery (SSRF) in Apache Batik High
CVE-2019-17566 was published for org.apache.xmlgraphics:batik (Maven) Feb 9, 2022
D-Tale server-side request forgery through Web uploads High
CVE-2024-21642 was published for dtale (pip) Jan 5, 2024
sylwia-budzynska
An unauthenticated attacked could send a specifically crafted web request causing a Server-Side... High Unreviewed
CVE-2023-46262 was published Dec 19, 2023
Arbitrary file properties reading vulnerability in Apache Software Foundation Apache OFBiz when... High Unreviewed
CVE-2023-50968 was published Dec 26, 2023
Miniflare vulnerable to Server-Side Request Forgery (SSRF) High
CVE-2023-7078 was published for miniflare (npm) Dec 29, 2023
Lekensteyn
Apache Camel's Validation Component is vulnerable against SSRF via remote DTDs and XXE. High
CVE-2017-5643 was published for org.apache.camel:camel-core (Maven) Oct 16, 2018
sunSUNQ
A vulnerability was found in kalcaddle kodbox up to 1.48. It has been rated as critical. Affected... High Unreviewed
CVE-2023-6849 was published Dec 16, 2023
Server-Side Request Forgery (SSRF) vulnerability in Elegant Digital Solutions CommentLuv.This... High Unreviewed
CVE-2023-49159 was published Dec 15, 2023
Server-Side Request Forgery (SSRF) in kubeflow/kubeflow High Unreviewed
CVE-2023-6570 was published Dec 14, 2023
SSRF & Credentials Leak High
CVE-2023-49799 was published for nuxt-api-party (npm) Dec 12, 2023
OhB00
Server-Side Request Forgery (SSRF) vulnerability in Paytm Paytm Payment Gateway.This issue... High Unreviewed
CVE-2022-45362 was published Dec 7, 2023
Server-Side Request Forgery (SSRF) vulnerability in Brainstorm Force Starter Templates —... High Unreviewed
CVE-2023-41804 was published Dec 7, 2023
PlantUML Server-Side Request Forgery vulnerability High
CVE-2023-3432 was published for net.sourceforge.plantuml:plantuml (Maven) Jun 27, 2023
mitchelkuijpers
Local File Inclusion vulnerability in Midori-global Better PDF Exporter for Jira Server and Jira... High Unreviewed
CVE-2023-42361 was published Nov 8, 2023
Server-Side Request Forgery (SSRF) vulnerability in Darren Cooney Instant Images plugin <= 5.1.0... High Unreviewed
CVE-2023-27451 was published Nov 22, 2023
XXL-JOB vulnerable to Server-Side Request Forgery (SSRF) High
CVE-2022-43183 was published for com.xuxueli:xxl-job-core (Maven) Nov 17, 2022
MarkLee131
Server-side request forgery vulnerability in the ePO extension in McAfee MVISION Endpoint prior... High Unreviewed
CVE-2020-7329 was published May 24, 2022
External entity attack vulnerability in the ePO extension in McAfee MVISION Endpoint prior to 20... High Unreviewed
CVE-2020-7328 was published May 24, 2022
Server-Side Request Forgery (SSRF) vulnerability in Vova Anokhin WP Shortcodes Plugin —... High Unreviewed
CVE-2023-23800 was published Nov 13, 2023
The Assistant WordPress plugin before 1.4.4 does not validate a parameter before making a request... High Unreviewed
CVE-2023-5798 was published Oct 26, 2023
Langchain Server-Side Request Forgery vulnerability High
CVE-2023-32786 was published for langchain (pip) Oct 21, 2023
eyurtsev
FoodCoopShop Server-Side Request Forgery vulnerability High
CVE-2023-46725 was published for foodcoopshop/foodcoopshop (Composer) Nov 2, 2023
asesidaa mrothauer
Flarum vulnerable to LFI and Blind SSRF via Avatar upload High
CVE-2023-40033 was published for flarum/core (Composer) Aug 16, 2023
Fides Server-Side Request Forgery Vulnerability in Custom Integration Upload High
CVE-2023-46124 was published for ethyca-fides (pip) Oct 24, 2023
grmpyninja
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database