Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,179
Erlang
31
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

224 advisories

Loading
Terms and Conditions Module vulnerable to Open Redirect Moderate
CVE-2022-4589 was published for django-termsandconditions (pip) Dec 17, 2022
Jenkins Google Login Plugin Open Redirect vulnerability Moderate
CVE-2022-46683 was published for org.jenkins-ci.plugins:google-login (Maven) Dec 12, 2022
Authenticated OpenRedirect Vulnerability Moderate
CVE-2022-41965 was published for org.opencastproject:opencast-common (Maven) Nov 30, 2022
geichelberger
Apache Airflow Contains Open Redirect Moderate
CVE-2022-45402 was published for apache-airflow (pip) Nov 15, 2022
sunSUNQ
Apache Airflow Open Redirect vulnerability Moderate
CVE-2022-43985 was published for apache-airflow (pip) Nov 2, 2022
rdiffweb vulnerable to Open Redirect Moderate
CVE-2022-3438 was published for rdiffweb (pip) Oct 10, 2022
Flask-Security vulnerable to Open Redirect Moderate
CVE-2021-23385 was published for Flask-Security (pip) Oct 7, 2022
Apache Airflow contains open redirect Moderate
CVE-2022-40754 was published for apache-airflow (pip) Sep 22, 2022
OAuthLib vulnerable to DoS when attacker provides malicious IPV6 URI Moderate
CVE-2022-36087 was published for oauthlib (pip) Sep 16, 2022
SCH227 loljawn
Gophish before 0.12.0 vulnerable to Open Redirect Moderate
CVE-2022-25295 was published for github.com/gophish/gophish (Go) Sep 12, 2022
Moodle Open redirect risk in mobile auto-login feature Moderate
CVE-2022-35652 was published for moodle/moodle (Composer) Jul 26, 2022
Open Redirect in microweber Moderate
CVE-2022-2252 was published for microweber/microweber (Composer) Jun 30, 2022
Open redirect in web2py Moderate
CVE-2022-33146 was published for web2py (pip) Jun 28, 2022
Server-side request forgery in Apache Dubbo Moderate
CVE-2022-24969 was published for com.alibaba:dubbo (Maven) Jun 10, 2022
Open redirect in caddy Moderate
CVE-2022-29718 was published for github.com/caddyserver/caddy (Go) Jun 3, 2022
URL Redirection to Untrusted Site ('Open Redirect') in next-auth Moderate
CVE-2022-29214 was published for next-auth (npm) May 24, 2022
Ry0taK
Open redirect vulnerability in Jenkins CAS Plugin Moderate
CVE-2021-21673 was published for org.jenkins-ci.plugins:cas-plugin (Maven) May 24, 2022
NotMyFault
Drupal Core Open Redirect vulnerability Moderate
CVE-2020-13662 was published for drupal/core (Composer) May 24, 2022
Keycloak vulnerable to Server-Side Request Forgery Moderate
CVE-2020-10770 was published for org.keycloak:keycloak-core (Maven) May 24, 2022
OpenStack Horizon Open redirect in workflow forms Moderate
CVE-2020-29565 was published for horizon (pip) May 24, 2022
MediaWiki Open Redirect vulnerability Moderate
CVE-2020-10959 was published for mediawiki/core (Composer) May 24, 2022
Knock Knock plugin Open redirection vulnerability Moderate
CVE-2020-13486 was published for verbb/knock-knock (Composer) May 24, 2022
Moodle open redirect vulnerability Moderate
CVE-2019-14882 was published for moodle/moodle (Composer) May 24, 2022
Plone Open Redirect Vulnerability Moderate
CVE-2020-7936 was published for Plone (pip) May 24, 2022
Athenz vulnerable to Open Redirect Moderate
CVE-2019-6035 was published for com.yahoo.athenz:athenz (Maven) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database