Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

36 advisories

Loading
Apache Superset vulnerable to Cross-Site Request Forgery via legacy REST API endpoints High
CVE-2022-43719 was published for apache-superset (pip) Jan 16, 2023
Cross Site Request Forgery in mailman High
CVE-2021-44227 was published for mailman (pip) Dec 16, 2021
calibre-web is vulnerable to Cross-Site Request Forgery (CSRF) High
CVE-2021-4164 was published for calibreweb (pip) Jan 21, 2022
Kallithea Routes CSRF Bypass High
CVE-2016-3691 was published for kallithea (pip) May 13, 2022
Mirumee Saleor CSRF Protection Disabled High
CVE-2019-13594 was published for saleor (pip) May 24, 2022
wger Workout Manager Cross-Site Request Forgery vulnerability High
CVE-2023-38759 was published for wger (pip) Aug 8, 2023
Cobbler Web Interface Lacks CSRF Protection High
CVE-2011-4952 was published for cobbler (pip) Apr 22, 2022
Cross site scripting (XSS) in JupyterHub via Self-XSS leveraged by Cookie Tossing High
CVE-2024-28233 was published for jupyterhub (pip) Mar 28, 2024
Th0h0
ESPHome vulnerable to Authentication bypass via Cross site request forgery High
CVE-2024-29019 was published for esphome (pip) Mar 21, 2024
r3kumar
Cross-Site Request Forgery vulnerability in Prefect High
CVE-2023-6022 was published for prefect (pip) Nov 16, 2023
zangell44 bunchesofdonald
Cross-Site Request Forgery (CSRF) in Apache Airflow High
CVE-2017-17835 was published for apache-airflow (pip) Jan 25, 2019
sunSUNQ
Apache Airflow vulnerable to CSRF Attacks High
CVE-2019-0229 was published for apache-airflow (pip) Apr 18, 2019
Cross-Site Request Forgery in MicroPyramid Django CRM High
CVE-2019-11457 was published for django-crm (pip) Sep 11, 2019
django-cms CSRF Vulnerability High
CVE-2015-5081 was published for django-cms (pip) May 17, 2022
MicroPyramid Django-CRM CSRF High
CVE-2018-16552 was published for Django-CRM (pip) May 13, 2022
Cross-site request forgery in Django High
CVE-2011-0696 was published for Django (pip) Jul 23, 2018
MarkLee131
Django Cross-Site Request Forgery vulnerability High
CVE-2011-4140 was published for Django (pip) Jul 23, 2018
Django cross-site request forgery (CSRF) vulnerability High
CVE-2008-3909 was published for django (pip) May 2, 2022
MarkLee131
Cross-Site Request Forgery (CSRF) in FastAPI High
CVE-2021-32677 was published for fastapi (pip) Jun 10, 2021
b0g3r
CSRF can expose users authentication token High
CVE-2021-21241 was published for Flask-Security-Too (pip) Jan 11, 2021
modoboa vulnerable to Cross-Site Request Forgery High
CVE-2023-2228 was published for modoboa (pip) Apr 21, 2023
IPython vulnerable to cross site request forgery (CSRF) High
CVE-2015-5607 was published for ipython (pip) May 17, 2022
Kallithea cross-site request forgery (CSRF) vulnerability High
CVE-2015-0276 was published for Kallithea (pip) May 13, 2022
ProTip! Advisories are also available from the GraphQL API