GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
19 advisories
Filter by severity
PhpSpreadsheet allows absolute path traversal and Server-Side Request Forgery in HTML writer when embedding images is enabled
Moderate
CVE-2024-45291
was published
for
phpoffice/phpspreadsheet
(Composer)
Oct 7, 2024
Magento Open Source Server-Side Request Forgery (SSRF) vulnerability
Moderate
CVE-2024-45119
was published
for
magento/community-edition
(Composer)
Oct 10, 2024
czim/file-handling vulnerable to SSRF and directory traversal
Moderate
CVE-2024-47049
was published
for
czim/file-handling
(Composer)
Sep 17, 2024
Mautic: MST-48 Server-Side Request Forgery in Asset section
Moderate
CVE-2022-25777
was published
for
mautic/core
(Composer)
Apr 12, 2024
Magento Open Source Server-Side Request Forgery (SSRF) vulnerability
Moderate
CVE-2024-34111
was published
for
magento/community-edition
(Composer)
Jun 13, 2024
ShopXO Server-Side Request Forgery Vulnerability
Moderate
CVE-2024-6524
was published
for
shopxo/shopxo
(Composer)
Jul 5, 2024
Symfony SSRF Vulnerability via Form Component
Moderate
CVE-2017-16790
was published
for
symfony/form
(Composer)
May 14, 2022
phpBB Server side request forgery (SSRF)
Moderate
CVE-2019-11767
was published
for
phpbb/phpbb
(Composer)
May 24, 2022
Moodle Stored XSS and blind SSRF possible via SCORM track details
Moderate
CVE-2022-35651
was published
for
moodle/moodle
(Composer)
Jul 26, 2022
yuan1994 tpAdmin vulnerable to Server-Side Request Forgery
Moderate
CVE-2023-1971
was published
for
yuan1994/tpadmin
(Composer)
Apr 10, 2023
WPGraphQL Plugin vulnerable to Server Side Request Forgery (SSRF)
Moderate
CVE-2023-23684
was published
for
wp-graphql/wp-graphql
(Composer)
Jun 30, 2023
vrana/adminer vulnerable to SSRF by connecting to privileged ports
Moderate
CVE-2018-7667
was published
for
vrana/adminer
(Composer)
Feb 11, 2021
Moodle SSRF Vulnerability
Moderate
CVE-2018-1042
was published
for
moodle/moodle
(Composer)
May 14, 2022
phpThumb is vulnerable to Server-Side Request Forgery (SSRF)
Moderate
CVE-2013-6919
was published
for
james-heinrich/phpthumb
(Composer)
May 17, 2022
phpBB Server-Side Request Forgery Vulnerability
Moderate
CVE-2020-8226
was published
for
phpbb/phpbb
(Composer)
May 24, 2022
Server-Side Request Forgery in Concrete CMS
Moderate
CVE-2021-22970
was published
for
concrete5/core
(Composer)
Nov 23, 2021
Server-Side Request Forgery in Concrete CMS
Moderate
CVE-2021-22969
was published
for
concrete5/core
(Composer)
Nov 23, 2021
Server-Side Request Forgery in yoast_seo
Moderate
CVE-2021-31779
was published
for
yoast-seo-for-typo3/yoast_seo
(Composer)
May 21, 2021
Server-Side Request Forgery in dompdf/dompdf
Moderate
CVE-2022-0085
was published
for
dompdf/dompdf
(Composer)
Jun 29, 2022
ProTip!
Advisories are also available from the
GraphQL API