GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
371 advisories
Smokescreen SSRF via deny list bypass (square brackets)
Moderate, CVE-2022-29188 was published for github.com/stripe/smokescreen (Go), May 24, 2022

Server-Side Request Forgery in charm
Critical, CVE-2022-29180 was published for github.com/charmbracelet/charm (Go), May 24, 2022

Camaleon CMS vulnerable to Server-Side Request Forgery
Moderate, CVE-2021-25972 was published for camaleon_cms (RubyGems), May 24, 2022

Keycloak vulnerable to Server-Side Request Forgery
Moderate, CVE-2020-10770 was published for org.keycloak:keycloak-core (Maven), May 24, 2022

Gophish vulnerable to Server-Side Request Forgery
Moderate, CVE-2020-24710 was published for github.com/gophish/gophish (Go), May 24, 2022

Codiad SSRF Vulnerability
High, CVE-2020-14044 was published for codiad/codiad (Composer), May 24, 2022

phpBB Server-Side Request Forgery Vulnerability
Moderate, CVE-2020-8226 was published for phpbb/phpbb (Composer), May 24, 2022

Shopware vulnerable to SSRF
High, CVE-2020-13970 was published for shopware/platform (Composer), May 24, 2022

WSO2 API Manager vulnerable to SSRF
Critical, CVE-2020-13226 was published for org.wso2.am:am-parent (Maven), May 24, 2022

Magento 2 Community Edition SSRF vulnerability
High, CVE-2019-8156 was published for magento/community-edition (Composer), May 24, 2022

Magento Server-Side Request Forgery (SSRF)
High, CVE-2019-8151 was published for magento/community-edition (Composer), May 24, 2022

Ignite Realtime Openfire vulnerable to Server Side Request Forgery
Critical, CVE-2019-18394 was published for org.igniterealtime.openfire:parent (Maven), May 24, 2022

Magento 2 Community Edition SSRF vulnerability
High, CVE-2019-7913 was published for magento/community-edition (Composer), May 24, 2022

Magento 2 Community Edition SSRF vulnerability
High, CVE-2019-7923 was published for magento/community-edition (Composer), May 24, 2022

Magento 2 Community Edition Server-Side Request Forgery vulnerability
High, CVE-2019-7911 was published for magento/community-edition (Composer), May 24, 2022

Magento 2 Community Edition RCE Vulnerability via SSRF
High, CVE-2019-7892 was published for magento/community-edition (Composer), May 24, 2022

phpBB Server side request forgery (SSRF)
Moderate, CVE-2019-11767 was published for phpbb/phpbb (Composer), May 24, 2022

phpThumb is vulnerable to Server-Side Request Forgery (SSRF)
Moderate, CVE-2013-6919 was published for james-heinrich/phpthumb (Composer), May 17, 2022

Apache Ambari SSRF Vulnerability
Moderate, CVE-2015-1775 was published for org.apache.ambari:ambari (Maven), May 17, 2022

Umbraco CMS vulnerable to CSRF
High, CVE-2015-8813 was published for Umbraco.CMS (NuGet), May 17, 2022

OpenStack Glance Server-Side Request Forgery (SSRF)
Moderate, CVE-2017-7200 was published for glance (pip), May 17, 2022

phpBB Server-Side Request Forgery (SSRF)
High, CVE-2017-1000419 was published for phpbb/phpbb (Composer), May 14, 2022

phpMyAdmin server-side request forgery (SSRF)
High, CVE-2016-6621 was published for phpmyadmin/phpmyadmin (Composer), May 14, 2022

Server-Side Request Forgery in Jenkins Git Plugin
Moderate, CVE-2018-1000182 was published for org.jenkins-ci.plugins:git (Maven), May 14, 2022

Jenkins GitHub Plugin server-side request forgery vulnerability exists
Moderate, CVE-2018-1000184 was published for com.coravy.hudson.plugins.github:github (Maven), May 14, 2022