Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,992
Erlang
29
GitHub Actions
16
Go
1,782
Maven
5,000+
npm
3,544
NuGet
619
pip
3,134
Pub
10
RubyGems
838
Rust
795
Swift
34
Unreviewed advisories
All unreviewed
5,000+

8 advisories

Loading
Gradio makes the `/file` secure against file traversal and server-side request forgery attacks High
CVE-2023-51449 was published for gradio (pip) Dec 21, 2023
Yaniv-git nvn1729
Bypassing Cross-Site Scripting Protection in TYPO3 HTML Sanitizer Moderate
CVE-2023-47125 was published for typo3/html-sanitizer (Composer) Nov 14, 2023
Yaniv-git nielsdos
ohader
HtmlSanitizer vulnerable to Cross-site Scripting in Foreign Content Moderate
CVE-2023-44390 was published for HtmlSanitizer (NuGet) Oct 4, 2023
Yaniv-git
By-passing Cross-Site Scripting Protection in HTML Sanitizer Moderate
CVE-2023-38500 was published for typo3/html-sanitizer (Composer) Jul 25, 2023
leeN Yaniv-git
ohader bnf
Vendure Cross Site Request Forgery vulnerability impacting all API requests Low
GHSA-h9wq-xcqx-mqxm was published for @vendure/core (npm) Jul 11, 2023
Yaniv-git
@vendure/admin-ui-plugin authenticated Cross-site Scripting vulnerability Moderate
GHSA-gm68-572p-q28r was published for @vendure/admin-ui-plugin (npm) Jul 6, 2023
Yaniv-git
URIjs Hostname spoofing via backslashes in URL High
CVE-2021-27516 was published for urijs (npm) Mar 1, 2021
Yaniv-git
Jupyter Server open redirect vulnerability Moderate
CVE-2020-26275 was published for jupyter-server (pip) Dec 21, 2020
Yaniv-git
ProTip! Advisories are also available from the GraphQL API