Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,515
Erlang
33
GitHub Actions
25
Go
2,215
Maven
5,000+
npm
3,876
NuGet
697
pip
3,648
Pub
12
RubyGems
913
Rust
924
Swift
38
Unreviewed advisories
All unreviewed
5,000+

213 advisories

Loading
Improper Neutralization of Formula Elements in a CSV File in Gradio Flagging High
CVE-2022-24770 was published for gradio (pip) Mar 18, 2022
haby0
IBM Guardium Data Encryption (GDE) 4.0.0.0 and 5.0.0.0 saves user-provided information into a... High Unreviewed
CVE-2021-39022 was published Mar 11, 2022
Arbitrary code execution in Magnolia CMS High
CVE-2021-46363 was published for info.magnolia:magnolia-core (Maven) Feb 12, 2022
CA Harvest Software Change Manager versions 13.0.3, 13.0.4, 14.0.0, and 14.0.1, contain a... High Unreviewed
CVE-2022-22689 was published Feb 11, 2022
In NocoDB, versions 0.81.0 through 0.83.8 are affected by CSV Injection vulnerability (Formula... High Unreviewed
CVE-2022-22121 was published Jan 11, 2022
Improper Neutralization of Formula Elements in a CSV File in html-2-csv Moderate
CVE-2021-23654 was published for html-to-csv (pip) Nov 30, 2021
KateCatlin
CSV Injection in symfony/serializer Moderate
CVE-2021-41270 was published for symfony/serializer (Composer) Nov 24, 2021
jakeBarwell jderusse
Dell EMC CloudLink 7.1 and all prior versions contain a CSV formula Injection Vulnerability. A... Moderate Unreviewed
CVE-2021-36334 was published Nov 24, 2021
CSV Injection Vulnerability High
CVE-2021-41824 was published for craftcms/cms (Composer) Oct 18, 2021
CSV injection in Craft CMS High
GHSA-xrpj-f9v6-2332 was published for craftcms/cms (Composer) Oct 4, 2021 withdrawn
CSV injection in shuup High
CVE-2021-25962 was published for shuup (pip) Sep 30, 2021
Improper Neutralization of Formula Elements in a CSV File in pimcore/pimcore Moderate
CVE-2021-37702 was published for pimcore/pimcore (Composer) Aug 30, 2021
CSV Injection vulnerability with exported contact lists in Mautic Moderate
CVE-2018-8092 was published for mautic/core (Composer) Jan 19, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database