Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,971
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,091
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

54 advisories

Loading
Kotti CSRF in the local roles implementation High
CVE-2018-9856 was published for Kotti (pip) Jul 12, 2018
Cross-site request forgery in Django Moderate
CVE-2011-0696 was published for django (pip) Jul 23, 2018
MarkLee131
Moderate severity vulnerability that affects django Moderate
CVE-2011-4140 was published for django (pip) Jul 23, 2018
Qutebrowser CSRF Vulnerability High
CVE-2018-10895 was published for qutebrowser (pip) Oct 10, 2018
Cross-Site Request Forgery (CSRF) in Luigi High
CVE-2018-1000843 was published for luigi (pip) Dec 20, 2018
Cross-Site Request Forgery (CSRF) in Apache Airflow High
CVE-2017-17835 was published for apache-airflow (pip) Jan 25, 2019
sunSUNQ
Apache Airflow vulnerable to CSRF Attacks High
CVE-2019-0229 was published for apache-airflow (pip) Apr 18, 2019
python-engineio vulnerable to Cross-Site Request Forgery (CSRF) High
CVE-2019-13611 was published for python-engineio (pip) Jul 30, 2019
Cross-Site Request Forgery in MicroPyramid Django CRM High
CVE-2019-11457 was published for django-crm (pip) Sep 11, 2019
CSRF can expose users authentication token High
CVE-2021-21241 was published for Flask-Security-Too (pip) Jan 11, 2021
Cross-Site Request Forgery in Webargs High
CVE-2020-7965 was published for webargs (pip) Apr 7, 2021
tmorrell gillarramendi
CSRF Vuln can expose user's QRcode Low
GHSA-fxq4-r6mr-9x64 was published for Flask-Security-Too (pip) Apr 8, 2021
Cross-Site Request Forgery (CSRF) in FastAPI High
CVE-2021-32677 was published for fastapi (pip) Jun 10, 2021
b0g3r
Cross-Site Request Forgery in sqlite-web High
CVE-2021-23404 was published for sqlite-web (pip) Sep 9, 2021
Cross Site Request Forgery in mailman High
CVE-2021-44227 was published for mailman (pip) Dec 16, 2021
archivy is vulnerable to Cross-Site Request Forgery (CSRF) Moderate
CVE-2021-4162 was published for archivy (pip) Jan 6, 2022
westonsteimel
calibre-web is vulnerable to Cross-Site Request Forgery (CSRF) High
CVE-2021-4164 was published for calibreweb (pip) Jan 21, 2022
Cobbler Web Interface Lacks CSRF Protection High
CVE-2011-4952 was published for cobbler (pip) Apr 22, 2022
Edgewall Trac Cross-site request forgery (CSRF) vulnerability High
CVE-2006-5878 was published for trac (pip) May 1, 2022
Plone Cross-site request forgery (CSRF) Moderate
CVE-2008-0164 was published for Plone (pip) May 1, 2022
Django cross-site request forgery (CSRF) vulnerability Moderate
CVE-2008-3909 was published for django (pip) May 2, 2022
MarkLee131
MicroPyramid Django-CRM CSRF High
CVE-2018-16552 was published for Django-CRM (pip) May 13, 2022
Kallithea Routes CSRF Bypass High
CVE-2016-3691 was published for kallithea (pip) May 13, 2022
Kallithea cross-site request forgery (CSRF) vulnerability High
CVE-2015-0276 was published for Kallithea (pip) May 13, 2022
Plone vulnerable to cross-site request forgery High
CVE-2015-7293 was published for Plone (pip) May 17, 2022
ProTip! Advisories are also available from the GraphQL API