Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

2 advisories

Loading
Octo STS Unauthenticated SSRF by abusing fields in OpenID Connect tokens High
CVE-2025-52477 was published for github.com/octo-sts/app (Go) Jun 26, 2025
vicevirus Credited to vicevirus, cpanato, mgreau, and eslerm cpanato cpanato
mgreau mgreau eslerm eslerm
changedetection.io Vulnerable to Improper Input Validation Leading to LFR/Path Traversal High
CVE-2024-56509 was published for changedetection.io (pip) Dec 27, 2024
vicevirus Credited to vicevirus
ProTip! Advisories are also available from the GraphQL API