GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
27 advisories
Filter by severity
PhpSpreadsheet allows absolute path traversal and Server-Side Request Forgery when opening XLSX file
High
CVE-2024-45290
was published
for
phpoffice/phpspreadsheet
(Composer)
Oct 7, 2024
Codiad SSRF Vulnerability
High
CVE-2020-14044
was published
for
codiad/codiad
(Composer)
May 24, 2022
phpBB Server-Side Request Forgery (SSRF)
High
CVE-2017-1000419
was published
for
phpbb/phpbb
(Composer)
May 14, 2022
phpMyAdmin SSRF in replication
High
CVE-2017-1000017
was published
for
phpmyadmin/phpmyadmin
(Composer)
May 14, 2022
Moodle vulnerable to Server Side Request Forgery
High
CVE-2023-35133
was published
for
moodle/moodle
(Composer)
Jun 22, 2023
Magento 2 Community Edition SSRF vulnerability
High
CVE-2019-8156
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento Server-Side Request Forgery (SSRF)
High
CVE-2019-8151
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento 2 Community Edition RCE Vulnerability via SSRF
High
CVE-2019-7892
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento 2 Community Edition Server-Side Request Forgery vulnerability
High
CVE-2019-7911
was published
for
magento/community-edition
(Composer)
May 24, 2022
elFinder Server Side Request Forgery (SSRF)
High
CVE-2019-6257
was published
for
studio-42/elfinder
(Composer)
May 13, 2022
Magento 2 Community Edition SSRF vulnerability
High
CVE-2019-7923
was published
for
magento/community-edition
(Composer)
May 24, 2022
Magento 2 Community Edition SSRF vulnerability
High
CVE-2019-7913
was published
for
magento/community-edition
(Composer)
May 24, 2022
Server-Side Request Forgery and Open Redirect in AllTube Download
High
CVE-2022-24739
was published
for
rudloff/alltube
(Composer)
Mar 9, 2022
FoodCoopShop Server-Side Request Forgery vulnerability
High
CVE-2023-46725
was published
for
foodcoopshop/foodcoopshop
(Composer)
Nov 2, 2023
Flarum vulnerable to LFI and Blind SSRF via Avatar upload
High
CVE-2023-40033
was published
for
flarum/core
(Composer)
Aug 16, 2023
Moodle SSRF Vulnerability
High
CVE-2019-6970
was published
for
moodle/moodle
(Composer)
May 14, 2022
Server-Side Request Forgery in snipe/snipe-it
High
CVE-2021-4075
was published
for
snipe/snipe-it
(Composer)
Dec 10, 2021
Shopware vulnerable to SSRF
High
CVE-2020-13970
was published
for
shopware/platform
(Composer)
May 24, 2022
SSRF in Kitodo.Presentation
High
CVE-2022-24980
was published
for
kitodo/presentation
(Composer)
Feb 20, 2022
Appwrite Server-Side Request Forgery vulnerability
High
CVE-2023-27159
was published
for
appwrite/server-ce
(Composer)
Mar 31, 2023
Moodle vulnerable to Server-Side Request Forgery
High
CVE-2021-36396
was published
for
moodle/moodle
(Composer)
Mar 6, 2023
Cross-site Scripting in HTML2PDF
High
CVE-2021-45394
was published
for
spipu/html2pdf
(Composer)
Jan 21, 2022
Server-Side Request Forgery vulnerability in concrete5
High
CVE-2021-22958
was published
for
concrete5/concrete5
(Composer)
Oct 12, 2021
Authenticated server-side request forgery in file upload via URL.
High
CVE-2021-37711
was published
for
shopware/core
(Composer)
Aug 23, 2021
ProTip!
Advisories are also available from the
GraphQL API