GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
16 advisories
Filter by severity
usememos/memos Cross-Site Request Forgery vulnerability
High
CVE-2022-4844
was published
for
github.com/usememos/memos
(Go)
Dec 29, 2022
Phachon mm-wiki Cross Site Request Forgery vulnerability
High
CVE-2020-19278
was published
for
github.com/phachon/mm-wiki
(Go)
Apr 4, 2023
Minikube RCE via DNS Rebinding
High
CVE-2018-1002103
was published
for
k8s.io/minikube
(Go)
May 13, 2022
Golf may allow attacker to bypass CSRF protections due to weak PRNG
High
CVE-2016-15005
was published
for
github.com/dinever/golf
(Go)
Dec 28, 2022
etcd Cross-site Request Forgery (CSRF)
High
CVE-2018-1098
was published
for
go.etcd.io/etcd/v3
(Go)
Feb 15, 2022
Cross Site Request Forgery in Gitea
High
CVE-2021-45326
was published
for
github.com/go-gitea/gitea
(Go)
Feb 9, 2022
Rancher Vulnerable to Cross-site Request Forgery (CSRF)
High
CVE-2019-13209
was published
for
github.com/rancher/rancher
(Go)
May 18, 2021
Cross-site Request Forgery (CSRF)
High
CVE-2017-1000069
was published
for
github.com/bitly/oauth2_proxy
(Go)
Dec 20, 2021
Cross-Site Request Forgery (CSRF) in usememos/memos
High
CVE-2023-5036
was published
for
github.com/usememos/memos
(Go)
Sep 18, 2023
github.com/argoproj/argo-cd Cross-Site Request Forgery vulnerability
High
CVE-2024-22424
was published
for
github.com/argoproj/argo-cd
(Go)
Jan 19, 2024
Go Fiber CSRF Token Validation Vulnerability
High
CVE-2023-45141
was published
for
github.com/gofiber/fiber/v2
(Go)
Oct 17, 2023
destiny.gg chat vulnerable to cross-site request forgery
High
CVE-2020-36625
was published
for
github.com/destinygg/chat
(Go)
Dec 22, 2022
Cross-Site Request Forgery in Filebrowser
High
CVE-2021-46398
was published
for
github.com/filebrowser/filebrowser/v2
(Go)
Feb 5, 2022
Owncast Cross-Site Request Forgery vulnerability
High
CVE-2024-29026
was published
for
github.com/owncast/owncast
(Go)
Aug 5, 2024
gotortc vulnerable to Cross-Site Request Forgery
High
CVE-2024-29192
was published
for
github.com/AlexxIT/go2rtc
(Go)
Aug 5, 2024
Cross-site Request Forgery (CSRF) in Cloud Native Computing Foundation Harbor
High
CVE-2019-19025
was published
for
github.com/goharbor/harbor
(Go)
May 18, 2021
ProTip!
Advisories are also available from the
GraphQL API