Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

5 advisories

Loading
Sulu: Used API Keys may be available via Admin API Low
GHSA-9m6v-8fxc-4r44 was published for sulu/sulu (Composer) May 18, 2026
gangadhar-s-k Credited to gangadhar-s-k, mamazu, and alexander-schranz mamazu mamazu
alexander-schranz alexander-schranz
Sulu: Weak Cryptographical usage for API Key generation and Reset Tokens Moderate
CVE-2026-45701 was published for sulu/sulu (Composer) May 18, 2026
gangadhar-s-k Credited to gangadhar-s-k, mamazu, alexander-schranz, and Prokyonn mamazu mamazu
alexander-schranz alexander-schranz Prokyonn Prokyonn
Sulu vulnerable to XXE in SVG File upload Inspector Moderate
CVE-2025-47778 was published for sulu/sulu (Composer) May 15, 2025
mcdruid Credited to mcdruid, alexander-schranz, and ausi alexander-schranz alexander-schranz
ausi ausi
Cross-site Scripting via uploaded SVG Moderate
CVE-2024-47618 was published for sulu/sulu (Composer) Oct 3, 2024
alexander-schranz Credited to alexander-schranz
SQL injection in jackalope/jackalope-doctrine-dbal High
CVE-2021-43822 was published for jackalope/jackalope-doctrine-dbal (Composer) Dec 14, 2021
alexander-schranz Credited to alexander-schranz
ProTip! Advisories are also available from the GraphQL API