GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,199 advisories
IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery ...
Moderate | Unreviewed | CVE-2021-20347 was published May 24, 2022

IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery ...
Moderate | Unreviewed | CVE-2021-20343 was published May 24, 2022

Server-Side request forgery (SSRF) vulnerability in task management component in Synology...
High | Unreviewed | CVE-2021-33184 was published May 24, 2022

Server-Side Request Forgery (SSRF) vulnerability in webapi component in Synology Video Station...
Critical | Unreviewed | CVE-2021-33181 was published May 24, 2022

In JetBrains TeamCity before 2020.2.3, information disclosure via SSRF was possible.
High | Unreviewed | CVE-2021-31910 was published May 24, 2022

An Unauthenticated Server-Side Request Forgery (SSRF) vulnerability exists in Inim Electronics...
High | Unreviewed | CVE-2020-22002 was published May 24, 2022

A Server-Side Request Forgery (SSRF) vulnerability in Group Office 6.4.196 allows a remote...
Moderate | Unreviewed | CVE-2021-28060 was published May 24, 2022

Server-Side Request Forgery (SSRF) vulnerability in cgi component in Synology Media Server before...
Moderate | Unreviewed | CVE-2021-34808 was published May 24, 2022

Server-Side Request Forgery (SSRF) vulnerability in task management component in Synology...
Moderate | Unreviewed | CVE-2021-34811 was published May 24, 2022

Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may...
High | Unreviewed | CVE-2021-21975 was published May 24, 2022

When requests to the internal network for webhooks are enabled, a server-side request forgery...
Critical | Unreviewed | CVE-2021-22175 was published May 24, 2022

A vulnerability was discovered in GitLab versions before 12.2. GitLab was vulnerable to a SSRF...
Moderate | Unreviewed | CVE-2021-22179 was published May 24, 2022

When requests to the internal network for webhooks are enabled, a server-side request forgery...
High | Unreviewed | CVE-2021-22214 was published May 24, 2022

Response Splitting from unsanitized headers
High | CVE-2021-41084 was published for org.http4s:http4s-client (Maven) Sep 22, 2021

IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery ...
Moderate | Unreviewed | CVE-2021-20346 was published May 24, 2022

IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery ...
Moderate | Unreviewed | CVE-2021-20348 was published May 24, 2022

IBM Jazz Foundation and IBM Engineering products are vulnerable to server-side request forgery ...
Moderate | Unreviewed | CVE-2021-20345 was published May 24, 2022

A flaw was found in Ansible Tower in versions before 3.7.2. A Server Side Request Forgery flaw...
Low | Unreviewed | CVE-2020-14328 was published May 24, 2022

BMC Remedy Mid Tier 9.1SP3 is affected by remote and local file inclusion. Due to the lack of...
Critical | Unreviewed | CVE-2017-17674 was published May 24, 2022

IBM Jazz Reporting Service 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to server-side request...
Moderate | Unreviewed | CVE-2021-20535 was published May 24, 2022

The MessageBundleWhiteList class of atlassian-gadgets before version 4.2.37, from version 4.3.0...
Moderate | Unreviewed | CVE-2020-36232 was published May 24, 2022

In CRMEB 3.1.0+ strict domain name filtering leads to SSRF(Server-Side Request Forgery). The...
Moderate | Unreviewed | CVE-2020-21788 was published May 24, 2022

OX App Suite 7.10.4 and earlier allows SSRF via a snippet.
Moderate | Unreviewed | CVE-2020-28943 was published May 24, 2022

Webtools in Brocade SANnav before version 2.1.1 allows unauthenticated users to make requests to...
Critical | Unreviewed | CVE-2020-15377 was published May 24, 2022

Vembu BDR Suite before 4.2.0 allows Unauthenticated SSRF via a GET request that specifies a...
Moderate | Unreviewed | CVE-2021-26474 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.