Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

479 advisories

Loading
OpenShift Console Server Side Request Forgery vulnerability Moderate
CVE-2024-6538 was published for github.com/openshift/console (Go) Nov 25, 2024
Northern.tech Mender before 3.6.6 and 3.7.x before 3.7.7 allows SSRF. Moderate Unreviewed
CVE-2024-46947 was published Nov 8, 2024
gradio Server Side Request Forgery vulnerability Moderate
CVE-2024-48052 was published for gradio (pip) Nov 5, 2024
Gradio vulnerable to SSRF in the path parameter of /queue/join Moderate
CVE-2024-47167 was published for gradio (pip) Oct 10, 2024
ahpaleus Vasco-jofra
Magento Open Source Server-Side Request Forgery (SSRF) vulnerability Moderate
CVE-2024-45119 was published for magento/community-edition (Composer) Oct 10, 2024
PhpSpreadsheet allows absolute path traversal and Server-Side Request Forgery in HTML writer when embedding images is enabled Moderate
CVE-2024-45291 was published for phpoffice/phpspreadsheet (Composer) Oct 7, 2024
emilvirkki
Inventree Server-Side Request Forgery vulnerability exposes server port/internal IP Moderate
GHSA-vx3h-qwqw-r2wq was published for inventree (pip) Oct 2, 2024
febin0x10 SchrodingersGat
lobe-chat implemented an insufficient fix for GHSA-mxhq-xw3g-rphc (CVE-2024-32964) Moderate
CVE-2024-47066 was published for @lobehub/chat (npm) Sep 23, 2024
a1loy
Directus vulnerable to SSRF Loopback IP filter bypass Moderate
CVE-2024-46990 was published for @directus/api (npm) Sep 18, 2024
r3dpower
ProTip! Advisories are also available from the GraphQL API