Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

4 advisories

Loading
PHP file inclusion via insert tags Moderate
CVE-2021-37626 was published for contao/contao (Composer) Aug 23, 2021
ausi Credited to ausi
API Platform Core does not call GraphQl securityAfterResolver Moderate
CVE-2025-23204 was published for api-platform/core (Composer) Mar 24, 2025
soyuka Credited to soyuka, vinceAmstoutz, and ausi vinceAmstoutz vinceAmstoutz
ausi ausi
Sulu vulnerable to XXE in SVG File upload Inspector Moderate
CVE-2025-47778 was published for sulu/sulu (Composer) May 15, 2025
mcdruid Credited to mcdruid, alexander-schranz, and ausi alexander-schranz alexander-schranz
ausi ausi
Contao is vulnerable to remote code execution in template closures Moderate
CVE-2025-65960 was published for contao/core-bundle (Composer) Nov 25, 2025
ausi Credited to ausi and m-vo m-vo m-vo
ProTip! Advisories are also available from the GraphQL API