GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
24 advisories
Filter by severity
Server-Side Request Forgery in terriajs-server
High
GHSA-p72p-rjr2-r439
was published
for
terriajs-server
(npm)
May 29, 2019
Server-Side Request Forgery in @uppy/companion
High
CVE-2020-8205
was published
for
@uppy/companion
(npm)
Aug 13, 2020
Server-Side Request Forgery in @uppy/companion
High
CVE-2020-8135
was published
for
@uppy/companion
(npm)
Sep 3, 2020
Server-Side Request Forgery in html-pdf-chrome
High
GHSA-5p98-wpc9-g498
was published
for
html-pdf-chrome
(npm)
Sep 4, 2020
Server-Side Request Forgery in ftp-srv
High
GHSA-r4m5-47cq-6qg8
was published
for
ftp-srv
(npm)
Sep 4, 2020
Server-Side Request Forgery and Inclusion of Functionality from Untrusted Control Sphere in jsreport
High
CVE-2020-8128
was published
for
jsreport
(npm)
Apr 13, 2021
Server-Side Request Forgery in phantomjs-seo
High
CVE-2020-7739
was published
for
phantomjs-seo
(npm)
May 10, 2021
Server-Side Request Forgery in node-pdf-generator
High
CVE-2020-7740
was published
for
node-pdf-generator
(npm)
May 10, 2021
uppy's companion module is vulnerable to Server-Side Request Forgery (SSRF)
High
CVE-2022-0086
was published
for
uppy
(npm)
Jan 6, 2022
Server side request forgery in @isomorphic-git/cors-proxy
High
CVE-2021-23664
was published
for
@isomorphic-git/cors-proxy
(npm)
Jan 26, 2022
Incorrect Authorization in @uppy/companion
High
CVE-2022-0528
was published
for
@uppy/companion
(npm)
Mar 4, 2022
Server-Side Request Forgery in FUXA
High
CVE-2021-45851
was published
for
@frangoteam/fuxa
(npm)
Mar 17, 2022
NocoDB information disclosure vulnerability
High
CVE-2022-2062
was published
for
nocodb
(npm)
Jun 14, 2022
SvelteKit framework has Insufficient CSRF protection for CORS requests
High
CVE-2023-29008
was published
for
@sveltejs/kit
(npm)
Apr 7, 2023
Miniflare vulnerable to Server-Side Request Forgery (SSRF)
High
CVE-2023-7078
was published
for
miniflare
(npm)
Dec 29, 2023
Next.js Server-Side Request Forgery in Server Actions
High
CVE-2024-34351
was published
for
next
(npm)
May 9, 2024
ip SSRF improper categorization in isPublic
High
CVE-2024-29415
was published
for
ip
(npm)
Jun 2, 2024
Strapi Server-Side Request Forgery (SSRF)
High
CVE-2024-37818
was published
for
@strapi/strapi
(npm)
Jun 20, 2024
Rocket.Chat Server-Side Request Forgery (SSRF) vulnerability
High
CVE-2024-39713
was published
for
rocket.chat
(npm)
Aug 5, 2024
Nuxt Icon affected by a Server-Side Request Forgery (SSRF)
High
CVE-2024-42352
was published
for
@nuxt/icon
(npm)
Aug 5, 2024
@lobehub/chat Server Side Request Forgery vulnerability
High
CVE-2024-32965
was published
for
@lobehub/chat
(npm)
Nov 26, 2024
ProTip!
Advisories are also available from the
GraphQL API