GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
6 advisories
SSRF Vulnerability on assetlinks_check(act_name, well_knowns)
High
CVE-2024-29190
was published
for
mobsfscan
(pip)
Mar 22, 2024
cg vulnerable to an Open Redirect Vulnerability on Referer Header
Moderate
GHSA-w228-rfpx-fhm4
was published
for
cg
(pip)
Apr 23, 2024
XPixelGroup BasicSR Command Injection
Moderate
CVE-2024-27763
was published
for
basicsr
(pip)
Mar 12, 2025
MobSF vulnerability allows SSRF due to the allow_redirects=True parameter
High
CVE-2024-54000
was published
for
mobsf
(pip)
Jun 27, 2025
pypdf's LZWDecode streams be manipulated to exhaust RAM
Moderate
CVE-2025-66019
was published
for
pypdf
(pip)
Nov 24, 2025
Bokeh server applications have Incomplete Origin Validation in WebSockets
Moderate
CVE-2026-21883
was published
for
bokeh
(pip)
Jan 6, 2026
ProTip!
Advisories are also available from the
GraphQL API