Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,179
Erlang
31
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

224 advisories

Loading
hyper-staticfile's location header incorporates user input, allowing open redirect Moderate
GHSA-5wvv-q5fv-2388 was published for hyper-staticfile (Rust) Dec 30, 2022
URL Redirection to Untrusted Site (Open Redirect) in Ktor Moderate
CVE-2019-19703 was published for io.ktor:ktor-client-core (Maven) Feb 12, 2020
Moderate severity vulnerability that affects org.apache.juddi:juddi-client Moderate
CVE-2015-5241 was published for org.apache.juddi:juddi-client (Maven) Oct 16, 2018
Open Redirect in apostrophe Moderate
GHSA-h97g-4mx7-5p2p was published for apostrophe (npm) Sep 3, 2020
Open Redirect in Next.js versions Moderate
CVE-2020-15242 was published for next (npm) Oct 8, 2020
Open Redirect Moderate
CVE-2018-15178 was published for gogs.io/gogs (Go) Jun 29, 2021
The pattern '/\domain.com' is not disallowed when redirecting, allowing for open redirect Moderate
CVE-2020-5233 was published for github.com/oauth2-proxy/oauth2-proxy (Go) Dec 20, 2021
Open Redirect in OAuth2 Proxy Moderate
CVE-2020-4037 was published for github.com/oauth2-proxy/oauth2-proxy (Go) Dec 20, 2021
Cross-site Scripting and Open Redirect in plone.app.contenttypes Moderate
GHSA-f7qw-5fgj-247x was published for plone.app.contenttypes (pip) Feb 1, 2022
Apache Superset Open Redirect vulnerability Moderate
CVE-2022-43721 was published for apache-superset (pip) Jan 16, 2023
Open Redirect in Flask-AppBuilder Moderate
CVE-2022-24776 was published for Flask-AppBuilder (pip) Mar 25, 2022
URL Confusion When Scheme Not Supplied in medialize/uri.js Moderate
CVE-2022-1233 was published for urijs (npm) Apr 5, 2022
Open redirect in wwbn/avideo Moderate
CVE-2022-27463 was published for wwbn/avideo (Composer) Apr 6, 2022
NextAuth.js default redirect callback vulnerable to open redirects Moderate
CVE-2022-24858 was published for next-auth (npm) Apr 22, 2022
rustyguts
URL Redirection to Untrusted Site ('Open Redirect') in next-auth Moderate
CVE-2022-29214 was published for next-auth (npm) May 24, 2022
Ry0taK
Gophish before 0.12.0 vulnerable to Open Redirect Moderate
CVE-2022-25295 was published for github.com/gophish/gophish (Go) Sep 12, 2022
Open redirect in ASP.NET Core Moderate
CVE-2019-1075 was published for Microsoft.AspNetCore.All (NuGet) May 24, 2022
Traefik vulnerable to Open Redirect via handling of X-Forwarded-Prefix header Moderate
CVE-2020-15129 was published for github.com/containous/traefik (Go) Feb 11, 2022
avivdolev
Server-side request forgery in Apache Dubbo Moderate
CVE-2022-24969 was published for com.alibaba:dubbo (Maven) Jun 10, 2022
Apache Helix UI vulnerable to Open Redirect Moderate
CVE-2022-47500 was published for org.apache.helix:helix (Maven) Dec 19, 2022
Open Redirect in microweber Moderate
CVE-2022-2252 was published for microweber/microweber (Composer) Jun 30, 2022
Open redirect in web2py Moderate
CVE-2022-33146 was published for web2py (pip) Jun 28, 2022
Oils JS vulnerable to Open Redirect Moderate
CVE-2021-4260 was published for oils (npm) Dec 19, 2022
Open Redirect in Apache Superset Moderate
CVE-2021-28125 was published for apache-superset (pip) Oct 6, 2021
westonsteimel
Authenticated OpenRedirect Vulnerability Moderate
CVE-2022-41965 was published for org.opencastproject:opencast-common (Maven) Nov 30, 2022
geichelberger
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database