GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
32 advisories
Filter by severity
Apache StreamPipes has possibility of SSRF in pipeline element installation process
Moderate
CVE-2024-31979
was published
for
org.apache.streampipes:streampipes-parent
(Maven)
Jul 17, 2024
Apache HugeGraph-Hubble: SSRF in Hubble connection page
Moderate
CVE-2024-27347
was published
for
org.apache.hugegraph:hugegraph-hubble
(Maven)
Apr 22, 2024
Unsecured WMS dynamic styling sld=<url> parameter affords blind unauthenticated SSRF
Moderate
CVE-2023-41339
was published
for
org.geoserver.web:gs-web-app
(Maven)
Oct 24, 2023
Apache Shenyu Server Side Request Forgery vulnerability
Moderate
CVE-2023-25753
was published
for
org.apache.shenyu:shenyu-admin
(Maven)
Oct 19, 2023
WireMock Controlled Server Side Request Forgery vulnerability through URL
Moderate
CVE-2023-41327
was published
for
org.wiremock:wiremock-webhooks-extension
(Maven)
Sep 6, 2023
Apache Batik information disclosure vulnerability
Moderate
CVE-2022-44730
was published
for
org.apache.xmlgraphics:batik-script
(Maven)
Aug 22, 2023
OpenRefine Server-Side Request Forgery vulnerability
Moderate
CVE-2022-41401
was published
for
org.openrefine:main
(Maven)
Aug 4, 2023
Nepxion Discovery vulnerable to potential Information Disclosure due to Server-Side Request Forgery
Moderate
CVE-2022-23464
was published
for
com.nepxion:discovery
(Maven)
Sep 25, 2022
Apache Batik vulnerable to Server-Side Request Forgery
Moderate
CVE-2022-38648
was published
for
org.apache.xmlgraphics:batik
(Maven)
Sep 23, 2022
Apache Batik Server-Side Request Forgery
Moderate
CVE-2022-38398
was published
for
org.apache.xmlgraphics:batik
(Maven)
Sep 23, 2022
Server-side request forgery in Apache Dubbo
Moderate
CVE-2022-24969
was published
for
com.alibaba:dubbo
(Maven)
Jun 10, 2022
Keycloak vulnerable to Server-Side Request Forgery
Moderate
CVE-2020-10770
was published
for
org.keycloak:keycloak-core
(Maven)
May 24, 2022
Apache Ambari SSRF Vulnerability
Moderate
CVE-2015-1775
was published
for
org.apache.ambari:ambari
(Maven)
May 17, 2022
Server-Side Request Forgery in Jenkins Git Plugin
Moderate
CVE-2018-1000182
was published
for
org.jenkins-ci.plugins:git
(Maven)
May 14, 2022
Jenkins GitHub Branch Source Plugin vulnerable to Server-Side Request Forgery
Moderate
CVE-2018-1000185
was published
for
org.jenkins-ci.plugins:github-branch-source
(Maven)
May 14, 2022
Jenkins GitHub Plugin server-side request forgery vulnerability exists
Moderate
CVE-2018-1000184
was published
for
com.coravy.hudson.plugins.github:github
(Maven)
May 14, 2022
Jenkins CAS Plugin Server-Side Request Forgery vulnerability
Moderate
CVE-2018-1000188
was published
for
org.jenkins-ci.plugins:cas-plugin
(Maven)
May 14, 2022
URLTrigger Plugin server-side request forgery vulnerability
Moderate
CVE-2018-1000606
was published
for
org.jenkins-ci.plugins:urltrigger
(Maven)
May 14, 2022
Jenkins TraceTronic ECU-TEST Plugin server-side request forgery vulnerability
Moderate
CVE-2018-1999026
was published
for
de.tracetronic.jenkins.plugins:ecutest
(Maven)
May 14, 2022
Server-Side Request Forgery (SSRF) in Jenkins Confluence Publisher Plugin
Moderate
CVE-2018-1999039
was published
for
org.jenkins-ci.plugins:confluence-publisher
(Maven)
May 14, 2022
Server-side request forgery vulnerability in Jenkins Mesos Plugin
Moderate
CVE-2018-1000421
was published
for
org.jenkins-ci.plugins:mesos
(Maven)
May 14, 2022
Jenkins Crowd 2 Integration Plugin server-side request forgery vulnerability
Moderate
CVE-2018-1000422
was published
for
org.jenkins-ci.plugins:crowd2
(Maven)
May 14, 2022
SSRF vulnerability due to missing permission check in Jenkins OctopusDeploy Plugin
Moderate
CVE-2019-1003027
was published
for
hudson.plugins.octopusdeploy:octopusdeploy
(Maven)
May 13, 2022
Jenkins Kanboard Plugin vulnerable to Server-side request forgery (SSRF)
Moderate
CVE-2019-1003020
was published
for
org.jenkins-ci.plugins:kanboard
(Maven)
May 13, 2022
Jenkins Mattermost Notification Plugin vulnerable to SSRF
Moderate
CVE-2019-1003026
was published
for
org.jenkins-ci.plugins:mattermost
(Maven)
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API