Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,179
Erlang
31
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

224 advisories

Loading
Artesãos SEOTools Open Redirect vulnerability Moderate
CVE-2020-36664 was published for artesaos/seotools (Composer) Jul 6, 2023
@keystone-6/auth Open Redirect vulnerability Moderate
CVE-2023-34247 was published for @keystone-6/auth (npm) Jun 14, 2023
scgajge12
Open redirect in Tornado Moderate
CVE-2023-28370 was published for tornado (pip) May 25, 2023
christian-ruiz bdarnell
org.xwiki.platform:xwiki-platform-oldcore Open Redirect vulnerability Moderate
CVE-2023-32068 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) May 15, 2023
Tauri Open Redirect Vulnerability Possibly Exposes IPC to External Sites Moderate
CVE-2023-31134 was published for tauri (Rust) May 3, 2023
Open redirect vulnerability on CMSSecurity relogin screen Moderate
CVE-2023-22729 was published for silverstripe/framework (Composer) Apr 26, 2023
org.xwiki.platform:xwiki-platform-oldcore Open Redirect vulnerability Moderate
CVE-2023-29204 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Apr 12, 2023
lambdaisland/uri `authority-regex` returns the wrong authority Moderate
CVE-2023-28628 was published for lambdaisland:uri (Maven) Mar 27, 2023
luigigubello plexus
Authelia allows open redirects on the logout endpoint Moderate
CVE-2021-29456 was published for github.com/authelia/authelia/v4 (Go) Mar 16, 2023
jonbayl
Open redirect in web2py Moderate
CVE-2023-22432 was published for web2py (pip) Mar 6, 2023
coreDNS vulnerable to Improper Restriction of Communication Channel to Intended Endpoints Moderate
CVE-2022-2837 was published for github.com/coredns/coredns (Go) Mar 3, 2023
chrisbloom7
keycloak-connect contains Open redirect vulnerability in the Node.js adapter Moderate
CVE-2022-2237 was published for keycloak-connect (npm) Mar 2, 2023
jviding
Open Redirect in Caddy Moderate
CVE-2022-28923 was published for github.com/caddyserver/caddy/v2 (Go) Feb 7, 2023
J3rry-1729
Open redirect vulnerability in Jenkins OpenID Plugin Moderate
CVE-2023-24445 was published for org.jenkins-ci.plugins:openid (Maven) Jan 26, 2023
scs-library-client may leak user credentials to third-party service via HTTP redirect Moderate
CVE-2022-23538 was published for github.com/sylabs/scs-library-client (Go) Jan 20, 2023
Open Redirect Vulnerability in Action Pack Moderate
CVE-2023-22797 was published for actionpack (RubyGems) Jan 18, 2023
pgAdmin 4 Open Redirect vulnerability Moderate
CVE-2023-22298 was published for pgadmin4 (pip) Jan 17, 2023
Apache Superset Open Redirect vulnerability Moderate
CVE-2022-43721 was published for apache-superset (pip) Jan 16, 2023
@okta/oidc-middlewareOpen Redirect vulnerability Moderate
CVE-2022-3145 was published for @okta/oidc-middleware (npm) Jan 9, 2023
jviding
Symbiote Seed Open Redirect vulnerability Moderate
CVE-2017-20164 was published for symbiote/silverstripe-seed (Composer) Jan 7, 2023
hyper-staticfile's location header incorporates user input, allowing open redirect Moderate
GHSA-5wvv-q5fv-2388 was published for hyper-staticfile (Rust) Dec 30, 2022
Macaron i18n Open Redirect vulnerability Moderate
CVE-2020-36627 was published for github.com/go-macaron/i18n (Go) Dec 25, 2022
rdiffweb Open Redirect vulnerability Moderate
CVE-2022-4644 was published for rdiffweb (pip) Dec 22, 2022
Oils JS vulnerable to Open Redirect Moderate
CVE-2021-4260 was published for oils (npm) Dec 19, 2022
Apache Helix UI vulnerable to Open Redirect Moderate
CVE-2022-47500 was published for org.apache.helix:helix (Maven) Dec 19, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database