Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,090
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+

26 advisories

Loading
FoodCoopShop Server-Side Request Forgery vulnerability High
CVE-2023-46725 was published for foodcoopshop/foodcoopshop (Composer) Nov 2, 2023
asesidaa mrothauer
Flarum vulnerable to LFI and Blind SSRF via Avatar upload High
CVE-2023-40033 was published for flarum/core (Composer) Aug 16, 2023
Moodle vulnerable to Server Side Request Forgery High
CVE-2023-35133 was published for moodle/moodle (Composer) Jun 22, 2023
Appwrite Server-Side Request Forgery vulnerability High
CVE-2023-27159 was published for appwrite/server-ce (Composer) Mar 31, 2023
Moodle vulnerable to Server-Side Request Forgery High
CVE-2021-36396 was published for moodle/moodle (Composer) Mar 6, 2023
Codiad SSRF Vulnerability High
CVE-2020-14044 was published for codiad/codiad (Composer) May 24, 2022
Shopware vulnerable to SSRF High
CVE-2020-13970 was published for shopware/platform (Composer) May 24, 2022
Magento 2 Community Edition SSRF vulnerability High
CVE-2019-8156 was published for magento/community-edition (Composer) May 24, 2022
Magento Server-Side Request Forgery (SSRF) High
CVE-2019-8151 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition SSRF vulnerability High
CVE-2019-7923 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition SSRF vulnerability High
CVE-2019-7913 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition Server-Side Request Forgery vulnerability High
CVE-2019-7911 was published for magento/community-edition (Composer) May 24, 2022
Magento 2 Community Edition RCE Vulnerability via SSRF High
CVE-2019-7892 was published for magento/community-edition (Composer) May 24, 2022
phpBB Server-Side Request Forgery (SSRF) High
CVE-2017-1000419 was published for phpbb/phpbb (Composer) May 14, 2022
Moodle SSRF Vulnerability High
CVE-2019-6970 was published for moodle/moodle (Composer) May 14, 2022
phpMyAdmin SSRF in replication High
CVE-2017-1000017 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
elFinder Server Side Request Forgery (SSRF) High
CVE-2019-6257 was published for studio-42/elfinder (Composer) May 13, 2022
Server-Side Request Forgery (SSRF) in Shopware High
CVE-2022-24871 was published for shopware/core (Composer) Apr 22, 2022
shyim
Server side request forgery in LiveHelperChat High
CVE-2022-1213 was published for remdex/livehelperchat (Composer) Apr 6, 2022
Server-Side Request Forgery and Open Redirect in AllTube Download High
CVE-2022-24739 was published for rudloff/alltube (Composer) Mar 9, 2022
Rudloff
SSRF in Kitodo.Presentation High
CVE-2022-24980 was published for kitodo/presentation (Composer) Feb 20, 2022
Cross-site Scripting in HTML2PDF High
CVE-2021-45394 was published for spipu/html2pdf (Composer) Jan 21, 2022
Server-Side Request Forgery in snipe/snipe-it High
CVE-2021-4075 was published for snipe/snipe-it (Composer) Dec 10, 2021
Server-Side Request Forgery vulnerability in concrete5 High
CVE-2021-22958 was published for concrete5/concrete5 (Composer) Oct 12, 2021
Authenticated server-side request forgery in file upload via URL. High
CVE-2021-37711 was published for shopware/core (Composer) Aug 23, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database