GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
223 advisories
Filter by severity
hyper-staticfile's location header incorporates user input, allowing open redirect
Moderate
GHSA-5wvv-q5fv-2388
was published
for
hyper-staticfile
(Rust)
Dec 30, 2022
URL Redirection to Untrusted Site (Open Redirect) in Ktor
Moderate
CVE-2019-19703
was published
for
io.ktor:ktor-client-core
(Maven)
Feb 12, 2020
Moderate severity vulnerability that affects org.apache.juddi:juddi-client
Moderate
CVE-2015-5241
was published
for
org.apache.juddi:juddi-client
(Maven)
Oct 16, 2018
Open Redirect in apostrophe
Moderate
GHSA-h97g-4mx7-5p2p
was published
for
apostrophe
(npm)
Sep 3, 2020
The pattern '/\domain.com' is not disallowed when redirecting, allowing for open redirect
Moderate
CVE-2020-5233
was published
for
github.com/oauth2-proxy/oauth2-proxy
(Go)
Dec 20, 2021
Open Redirect in OAuth2 Proxy
Moderate
CVE-2020-4037
was published
for
github.com/oauth2-proxy/oauth2-proxy
(Go)
Dec 20, 2021
Cross-site Scripting and Open Redirect in plone.app.contenttypes
Moderate
GHSA-f7qw-5fgj-247x
was published
for
plone.app.contenttypes
(pip)
Feb 1, 2022
Apache Superset Open Redirect vulnerability
Moderate
CVE-2022-43721
was published
for
apache-superset
(pip)
Jan 16, 2023
Open Redirect in Flask-AppBuilder
Moderate
CVE-2022-24776
was published
for
Flask-AppBuilder
(pip)
Mar 25, 2022
URL Confusion When Scheme Not Supplied in medialize/uri.js
Moderate
CVE-2022-1233
was published
for
urijs
(npm)
Apr 5, 2022
Open redirect in wwbn/avideo
Moderate
CVE-2022-27463
was published
for
wwbn/avideo
(Composer)
Apr 6, 2022
NextAuth.js default redirect callback vulnerable to open redirects
Moderate
CVE-2022-24858
was published
for
next-auth
(npm)
Apr 22, 2022
URL Redirection to Untrusted Site ('Open Redirect') in next-auth
Moderate
CVE-2022-29214
was published
for
next-auth
(npm)
May 24, 2022
Gophish before 0.12.0 vulnerable to Open Redirect
Moderate
CVE-2022-25295
was published
for
github.com/gophish/gophish
(Go)
Sep 12, 2022
Open redirect in ASP.NET Core
Moderate
CVE-2019-1075
was published
for
Microsoft.AspNetCore.All
(NuGet)
May 24, 2022
Traefik vulnerable to Open Redirect via handling of X-Forwarded-Prefix header
Moderate
CVE-2020-15129
was published
for
github.com/containous/traefik
(Go)
Feb 11, 2022
Server-side request forgery in Apache Dubbo
Moderate
CVE-2022-24969
was published
for
com.alibaba:dubbo
(Maven)
Jun 10, 2022
Apache Helix UI vulnerable to Open Redirect
Moderate
CVE-2022-47500
was published
for
org.apache.helix:helix
(Maven)
Dec 19, 2022
Open Redirect in microweber
Moderate
CVE-2022-2252
was published
for
microweber/microweber
(Composer)
Jun 30, 2022
Oils JS vulnerable to Open Redirect
Moderate
CVE-2021-4260
was published
for
oils
(npm)
Dec 19, 2022
Open Redirect in Apache Superset
Moderate
CVE-2021-28125
was published
for
apache-superset
(pip)
Oct 6, 2021
Authenticated OpenRedirect Vulnerability
Moderate
CVE-2022-41965
was published
for
org.opencastproject:opencast-common
(Maven)
Nov 30, 2022
ProTip!
Advisories are also available from the
GraphQL API