GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
52 advisories
Filter by severity
gradio Server Side Request Forgery vulnerability
Moderate
CVE-2024-48052
was published
for
gradio
(pip)
Nov 5, 2024
Gradio vulnerable to SSRF in the path parameter of /queue/join
Moderate
CVE-2024-47167
was published
for
gradio
(pip)
Oct 10, 2024
Inventree Server-Side Request Forgery vulnerability exposes server port/internal IP
Moderate
GHSA-vx3h-qwqw-r2wq
was published
for
inventree
(pip)
Oct 2, 2024
LiteLLM Server-Side Request Forgery (SSRF) vulnerability
High
CVE-2024-6587
was published
for
litellm
(pip)
Sep 13, 2024
MindsDB Vulnerable to Bypass of SSRF Protection with DNS Rebinding
Critical
CVE-2024-24759
was published
for
mindsdb
(pip)
Sep 5, 2024
Potential access to sensitive URLs via CKAN extensions (SSRF)
Moderate
CVE-2024-43371
was published
for
ckan
(pip)
Aug 21, 2024
Server-Side Request Forgery in langchain-community.retrievers.web_research.WebResearchRetriever
Moderate
CVE-2024-3095
was published
for
langchain-community
(pip)
Jun 6, 2024
Withdrawn Advisory: Weights and Biases (wandb) has a Server-Side Request Forgery (SSRF) vulnerability
High
CVE-2024-4642
was published
for
wandb
(pip)
May 16, 2024
•
withdrawn
Mobile Security Framework (MobSF) vulnerable to SSRF in firebase database check
Moderate
CVE-2024-31215
was published
for
mobsf
(pip)
Apr 4, 2024
gradio Server-Side Request Forgery vulnerability
High
CVE-2024-2206
was published
for
gradio
(pip)
Mar 27, 2024
SSRF Vulnerability on assetlinks_check(act_name, well_knowns)
High
CVE-2024-29190
was published
for
mobsfscan
(pip)
Mar 22, 2024
Whoogle Search Path Traversal vulnerability
Critical
CVE-2024-22203
was published
for
whoogle-search
(pip)
Mar 14, 2024
Whoogle Search Server-Side Request Forgery vulnerability
Critical
CVE-2024-22205
was published
for
whoogle-search
(pip)
Mar 14, 2024
langchain Server-Side Request Forgery vulnerability
Low
CVE-2024-0243
was published
for
langchain
(pip)
Feb 26, 2024
Label Studio SSRF on Import Bypassing `SSRF_PROTECTION_ENABLED` Protections
Moderate
CVE-2023-47116
was published
for
label-studio
(pip)
Jan 31, 2024
D-Tale server-side request forgery through Web uploads
High
CVE-2024-21642
was published
for
dtale
(pip)
Jan 5, 2024
MLflow Server-Side Request Forgery (SSRF)
Critical
CVE-2023-6974
was published
for
mlflow
(pip)
Dec 20, 2023
GitHub Security Lab (GHSL) Vulnerability Report: Arbitary write GHSL-2023-182
Critical
CVE-2023-50731
was published
for
mindsdb
(pip)
Dec 15, 2023
Server-Side Request Forgery in mindsdb
Moderate
CVE-2023-49795
was published
for
mindsdb
(pip)
Dec 12, 2023
Fides Server-Side Request Forgery Vulnerability in Custom Integration Upload
High
CVE-2023-46124
was published
for
ethyca-fides
(pip)
Oct 24, 2023
Langchain Server-Side Request Forgery vulnerability
High
CVE-2023-32786
was published
for
langchain
(pip)
Oct 21, 2023
LangChain Server Side Request Forgery vulnerability
High
CVE-2023-46229
was published
for
langchain
(pip)
Oct 19, 2023
TorchServe Server-Side Request Forgery vulnerability
Critical
CVE-2023-43654
was published
for
torchserve
(pip)
Oct 2, 2023
GeoNode vulnerable to SSRF Bypass to return internal host data
High
CVE-2023-42439
was published
for
GeoNode
(pip)
Sep 20, 2023
ProTip!
Advisories are also available from the
GraphQL API