GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

246 advisories

rdiffweb vulnerable to Open Redirect Moderate
CVE-2022-3438 was published for rdiffweb (pip) Oct 10, 2022
Flask-Security vulnerable to Open Redirect Moderate
CVE-2021-23385 was published for Flask-Security (pip) Oct 7, 2022
Apache Airflow contains open redirect Moderate
CVE-2022-40754 was published for apache-airflow (pip) Sep 22, 2022
OAuthLib vulnerable to DoS when attacker provides malicious IPV6 URI Moderate
CVE-2022-36087 was published for oauthlib (pip) Sep 16, 2022
Gophish before 0.12.0 vulnerable to Open Redirect Moderate
CVE-2022-25295 was published for github.com/gophish/gophish (Go) Sep 12, 2022
Moodle Open redirect risk in mobile auto-login feature Moderate
CVE-2022-35652 was published for moodle/moodle (Composer) Jul 26, 2022
Open Redirect in microweber Moderate
CVE-2022-2252 was published for microweber/microweber (Composer) Jun 30, 2022
Open redirect in web2py Moderate
CVE-2022-33146 was published for web2py (pip) Jun 28, 2022
Server-side request forgery in Apache Dubbo Moderate
CVE-2022-24969 was published for com.alibaba:dubbo (Maven) Jun 10, 2022
Open redirect in caddy Moderate
CVE-2022-29718 was published for github.com/caddyserver/caddy (Go) Jun 3, 2022
URL Redirection to Untrusted Site ('Open Redirect') in next-auth Moderate
CVE-2022-29214 was published for next-auth (npm) May 24, 2022
Liferay Portal and Liferay DXP Allows Arbitrary Redirect of Users to External URLs Moderate
CVE-2021-33331 was published for com.liferay.portal:release.dxp.bom (Maven) May 24, 2022
Open redirect vulnerability in Jenkins CAS Plugin Moderate
CVE-2021-21673 was published for org.jenkins-ci.plugins:cas-plugin (Maven) May 24, 2022
Drupal Core Open Redirect vulnerability Moderate
CVE-2020-13662 was published for drupal/core (Composer) May 24, 2022
Keycloak vulnerable to Server-Side Request Forgery Moderate
CVE-2020-10770 was published for org.keycloak:keycloak-core (Maven) May 24, 2022
OpenStack Horizon Open redirect in workflow forms Moderate
CVE-2020-29565 was published for horizon (pip) May 24, 2022
MediaWiki Open Redirect vulnerability Moderate
CVE-2020-10959 was published for mediawiki/core (Composer) May 24, 2022
Knock Knock plugin Open redirection vulnerability Moderate
CVE-2020-13486 was published for verbb/knock-knock (Composer) May 24, 2022
Moodle open redirect vulnerability Moderate
CVE-2019-14882 was published for moodle/moodle (Composer) May 24, 2022
Plone Open Redirect Vulnerability Moderate
CVE-2020-7936 was published for Plone (pip) May 24, 2022
Athenz vulnerable to Open Redirect Moderate
CVE-2019-6035 was published for com.yahoo.athenz:athenz (Maven) May 24, 2022
Possible to circumvent title-blacklist Moderate
CVE-2019-19709 was published for mediawiki/core (Composer) May 24, 2022
Jenkins Gitlab Authentication Plugin Open Redirect vulnerability Moderate
CVE-2019-10372 was published for org.jenkins-ci.plugins:gitlab-oauth (Maven) May 24, 2022
Open redirect in ASP.NET Core Moderate
CVE-2019-1075 was published for Microsoft.AspNetCore.All (NuGet) May 24, 2022
Moodle Open Redirect Vulnerability Moderate
CVE-2019-10133 was published for moodle/moodle (Composer) May 24, 2022