
GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

226 advisories

Open Redirect in xdLocalStorage Moderate
CVE-2020-11611 was published for xdLocalStorage (npm) Dec 9, 2021
G-Rath
showdoc is vulnerable to URL Redirection to Untrusted Site Moderate
CVE-2021-3989 was published for showdoc/showdoc (Composer) Dec 3, 2021
Open Redirect in firefly-iii Moderate
CVE-2021-3851 was published for grumpydictator/firefly-iii (Composer) Oct 21, 2021
Open Redirect in Apache Superset Moderate
CVE-2021-28125 was published for apache-superset (pip) Oct 6, 2021
westonsteimel
URL Redirection to Untrusted Site ('Open Redirect') in fastify-static Moderate
CVE-2021-22963 was published for fastify-static (npm) Oct 5, 2021
Flask-AppBuilder Open Redirect vulnerability Moderate
CVE-2021-32805 was published for Flask-AppBuilder (pip) Sep 8, 2021
Incomplete List of Disallowed Inputs in Kubernetes Moderate
CVE-2021-25737 was published for k8s.io/kubernetes (Go) Sep 7, 2021
Open Redirect in ActionPack Moderate
CVE-2021-22942 was published for actionpack (RubyGems) Aug 26, 2021
Open Redirect in Next.js Moderate
CVE-2021-37699 was published for next (npm) Aug 12, 2021
medikoo
Open redirect in url-parse Moderate
CVE-2021-3664 was published for url-parse (npm) Aug 10, 2021
Open Redirect in Flask-User Moderate
CVE-2021-23401 was published for Flask-User (pip) Aug 9, 2021
URIjs Vulnerable to Hostname spoofing via backslashes in URL Moderate
CVE-2021-3647 was published for urijs (npm) Jul 19, 2021
ready-research
Open Redirect in github.com/AndrewBurian/powermux Moderate
CVE-2021-32721 was published for github.com/AndrewBurian/powermux (Go) Jul 1, 2021
Open Redirect Moderate
CVE-2018-15178 was published for gogs.io/gogs (Go) Jun 29, 2021
Open redirect in Flask-Unchained Moderate
CVE-2021-23393 was published for Flask-Unchained (pip) Jun 15, 2021
Open Redirect in trailing-slash Moderate
CVE-2021-23387 was published for trailing-slash (npm) Jun 8, 2021
OAuth2 Redirect URL validity does not respect query parameters and character casing for loopback addresses Moderate
CVE-2020-15233 was published for github.com/ory/fosite (Go) May 24, 2021
mitar aeneasr
Redirect URL matching ignores character casing Moderate
CVE-2020-15234 was published for github.com/ory/fosite (Go) May 24, 2021
mitar
Open redirect in direct_mail Moderate
CVE-2020-12699 was published for directmailteam/direct-mail (Composer) May 24, 2021
JWT leak via Open Redirect in Programmatic access Moderate
CVE-2021-29651 was published for github.com/pomerium/pomerium (Go) May 21, 2021
cure53
pomerium_signature is not verified in middleware in github.com/pomerium/pomerium Moderate
CVE-2021-29652 was published for github.com/pomerium/pomerium (Go) May 21, 2021
cure53
gopkg.in/macaron.v1 Open Redirect vulnerability Moderate
CVE-2020-12666 was published for gopkg.in/macaron.v1 (Go) May 18, 2021
Possible Open Redirect Vulnerability in Action Pack Moderate
CVE-2021-22903 was published for actionpack (RubyGems) May 5, 2021
Open Redirect in werkzeug Moderate
CVE-2020-28724 was published for werkzeug (pip) Apr 20, 2021
Open Redirect in autobahn Moderate
CVE-2020-35678 was published for autobahn (pip) Apr 20, 2021