Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

19 advisories

Loading
graphite.composer.views.send_email vulnerable to SSRF High
CVE-2017-18638 was published for graphite-web (pip) Oct 25, 2019
JLLeitschuh alex
orangetw
GeoNode vulnerable to SSRF Bypass to return internal host data High
CVE-2023-42439 was published for GeoNode (pip) Sep 20, 2023
ImThatT
Django Access Control Bypass possibly leading to SSRF, RFI, and LFI attacks High
CVE-2021-33571 was published for Django (pip) Jun 10, 2021
tdunlap607
LiteLLM Server-Side Request Forgery (SSRF) vulnerability High
CVE-2024-6587 was published for litellm (pip) Sep 13, 2024
Apache Airflow denial of service vulnerability High
CVE-2023-37379 was published for apache-airflow (pip) Aug 23, 2023
Server-Side Request Forgery in gradio High
CVE-2024-4325 was published for gradio (pip) Jun 6, 2024
Withdrawn Advisory: Weights and Biases (wandb) has a Server-Side Request Forgery (SSRF) vulnerability High
CVE-2024-4642 was published for wandb (pip) May 16, 2024 withdrawn
gradio Server-Side Request Forgery vulnerability High
CVE-2024-2206 was published for gradio (pip) Mar 27, 2024
SSRF Vulnerability on assetlinks_check(act_name, well_knowns) High
CVE-2024-29190 was published for mobsfscan (pip) Mar 22, 2024
bulutenes aydinnyunus
D-Tale server-side request forgery through Web uploads High
CVE-2024-21642 was published for dtale (pip) Jan 5, 2024
sylwia-budzynska
LangChain Server Side Request Forgery vulnerability High
CVE-2023-46229 was published for langchain (pip) Oct 19, 2023
Langchain Server-Side Request Forgery vulnerability High
CVE-2023-32786 was published for langchain (pip) Oct 21, 2023
eyurtsev
Fides Server-Side Request Forgery Vulnerability in Custom Integration Upload High
CVE-2023-46124 was published for ethyca-fides (pip) Oct 24, 2023
grmpyninja
SSRF attacks via tracebacks in Plone High
CVE-2020-28735 was published for Plone (pip) Apr 7, 2021
Server-Side Request Forgery in Plone CMS High
CVE-2021-33926 was published for Plone (pip) Feb 17, 2023
Server-Side Request Forgery in Plone High
CVE-2021-33511 was published for Plone (pip) Jun 15, 2021
SSRF in Sydent due to missing validation of hostnames High
CVE-2021-29431 was published for matrix-sydent (pip) Apr 19, 2021
Server-Side Request Forgery in unoconv High
CVE-2019-17400 was published for unoconv (pip) Oct 24, 2019
Server-Side Request Forgery in scout-browser High
CVE-2022-1592 was published for scout-browser (pip) May 6, 2022
ProTip! Advisories are also available from the GraphQL API