GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,330
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
15 advisories
Filter by severity
memos vulnerable to Server-Side Request Forgery in /o/get/httpmeta
Moderate
CVE-2024-29028
was published
for
github.com/usememos/memos
(Go)
Aug 5, 2024
memos vulnerable to Server-Side Request Forgery and Cross-site Scripting
Moderate
CVE-2024-29029
was published
for
github.com/usememos/memos
(Go)
Aug 5, 2024
memos vulnerable to Server-Side Request Forgery in /api/resource
Moderate
CVE-2024-29030
was published
for
github.com/usememos/memos
(Go)
Aug 5, 2024
Server-Side Request Forgery in github.com/greenpau/caddy-security
Moderate
CVE-2024-21498
was published
for
github.com/greenpau/caddy-security
(Go)
Feb 17, 2024
imgproxy is vulnerable to Server-Side Request Forgery
Moderate
CVE-2023-30019
was published
for
github.com/imgproxy/imgproxy/v3
(Go)
May 8, 2023
request-baskets vulnerable to Server-Side Request Forgery
Moderate
CVE-2023-27163
was published
for
github.com/darklynx/request-baskets
(Go)
Mar 31, 2023
KubeVela VelaUX APIserver has SSRF vulnerability
Moderate
CVE-2022-39383
was published
for
github.com/oam-dev/kubevela
(Go)
Nov 18, 2022
Smokescreen SSRF via deny list bypass (square brackets)
Moderate
CVE-2022-29188
was published
for
github.com/stripe/smokescreen
(Go)
May 24, 2022
Gophish vulnerable to Server-Side Request Forgery
Moderate
CVE-2020-24710
was published
for
github.com/gophish/gophish
(Go)
May 24, 2022
Smokescreen SSRF via deny list bypass
Moderate
CVE-2022-24825
was published
for
github.com/stripe/smokescreen
(Go)
Apr 7, 2022
SSRF in repository migration
Moderate
GHSA-q347-cg56-pcq4
was published
for
gogs.io/gogs
(Go)
Mar 14, 2022
SSRF in repository migration
Moderate
CVE-2022-0870
was published
for
gogs.io/gogs
(Go)
Mar 12, 2022
Server Side Request Forgery in Grafana
Moderate
CVE-2020-13379
was published
for
github.com/grafana/grafana
(Go)
Feb 15, 2022
Server Side Request Forgery (SSRF) in Kubernetes
Moderate
CVE-2020-8555
was published
for
k8s.io/kubernetes
(Go)
Feb 15, 2022
Gitea displaying raw OpenID error in UI
Moderate
CVE-2021-45325
was published
for
github.com/go-gitea/gitea
(Go)
Feb 9, 2022
ProTip!
Advisories are also available from the
GraphQL API