Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

8 advisories

Loading
NextChat has full-read SSRF and XSS vulnerability in /api/cors endpoint Critical
CVE-2023-49785 was published for nextchat (npm) Aug 5, 2024
nvn1729
lobe-chat `/api/proxy` endpoint Server-Side Request Forgery vulnerability Critical
CVE-2024-32964 was published for @lobehub/chat (npm) May 10, 2024
yyzsec
Server-Side Request Forgery (SSRF) in vriteio/vrite Critical
CVE-2023-5572 was published for @vrite/sdk (npm) Oct 13, 2023
Server-Side Request Forgery (SSRF) in GitHub repository ionicabizau/parse-url Critical
CVE-2022-2900 was published for parse-url (npm) Sep 15, 2022
allanlewis G-Rath
Server-Side Request Forgery in private-ip Critical
CVE-2020-28360 was published for private-ip (npm) Apr 13, 2021
Server-Side Request Forgery in ftp-srv Critical
CVE-2020-15152 was published for ftp-srv (npm) Aug 17, 2020
andreeleuterio trs
quiquelhappy
Server-Side Request Forgery in parse-url Critical
CVE-2022-2216 was published for parse-url (npm) Jun 28, 2022
Server-Side Request Forgery in kityminder Critical
CVE-2022-31830 was published for kityminder (npm) Jun 10, 2022
ProTip! Advisories are also available from the GraphQL API