Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

5 advisories

Loading
RCE in Symfony High
CVE-2020-15094 was published for symfony/http-kernel (Composer) Sep 2, 2020
mpdude stof
Fix failure to strip Authorization header on HTTP downgrade High
CVE-2022-31043 was published for guzzlehttp/guzzle (Composer) Jun 9, 2022
GrahamCampbell
Failure to strip the Cookie header on change in host or HTTP downgrade High
CVE-2022-31042 was published for guzzlehttp/guzzle (Composer) Jun 9, 2022
GrahamCampbell am0o0
CURLOPT_HTTPAUTH option not cleared on change of origin High
CVE-2022-31090 was published for guzzlehttp/guzzle (Composer) Jun 21, 2022
Cockpit Content Platform vulnerable to 2FA bypass High
CVE-2022-2818 was published for cockpit-hq/cockpit (Composer) Aug 16, 2022
ProTip! Advisories are also available from the GraphQL API