Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

38 advisories

Loading
keycloak-core: open redirect via "form_post.jwt" JARM response mode Moderate
CVE-2023-6927 was published for org.keycloak:keycloak-core (Maven) Jan 23, 2024
PontusHanssen kasperkarlsson
Chetven
Duplicate Advisory: Keycloak Open Redirect vulnerability Moderate
GHSA-3p75-q5cc-qmj7 was published for org.keycloak:keycloak-parent (Maven) Dec 19, 2023 withdrawn
Keycloak has Vulnerable Redirect URI Validation Results in Open Redirect Moderate
CVE-2024-8883 was published for org.keycloak:keycloak-services (Maven) Oct 14, 2024
Chetven
Open redirect vulnerability in Jenkins OpenId Connect Authentication Plugin Moderate
CVE-2023-50771 was published for org.jenkins-ci.plugins:oic-auth (Maven) Dec 13, 2023
westonsteimel
Eclipse Glassfish improperly handles http parameters Moderate
CVE-2024-9329 was published for org.glassfish.main.admin:rest-service (Maven) Sep 30, 2024
Eclipse Glassfish URL redirection vulnerability Moderate
CVE-2024-8646 was published for org.glassfish.main.web:web-core (Maven) Sep 11, 2024
Keycloak Open Redirect vulnerability Moderate
CVE-2024-7260 was published for org.keycloak:keycloak-core (Maven) Sep 9, 2024
Keycloak Cross-site Scripting (XSS) via assertion consumer service URL in SAML POST-binding flow Moderate
CVE-2023-6717 was published for org.keycloak:keycloak-services (Maven) Apr 17, 2024
Open Redirect in Spring Security OAuth Moderate
CVE-2019-11269 was published for org.springframework.security.oauth:spring-security-oauth (Maven) Jun 13, 2019
SunBK201
Cloud Foundry UAA open redirect Moderate
CVE-2018-11041 was published for org.cloudfoundry.identity:cloudfoundry-identity-server (Maven) May 14, 2022
sunSUNQ
Apache Tomcat Open Redirect vulnerability Moderate
CVE-2018-11784 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Oct 17, 2018
sunSUNQ
Dojo Open Redirect vulnerability Moderate
CVE-2010-2274 was published for org.dojotoolkit:dojo (Maven) May 17, 2022
Jenkins Gitlab Authentication Plugin Open Redirect vulnerability Moderate
CVE-2019-10372 was published for org.jenkins-ci.plugins:gitlab-oauth (Maven) May 24, 2022
Open redirect vulnerability in Jenkins CAS Plugin Moderate
CVE-2021-21673 was published for org.jenkins-ci.plugins:cas-plugin (Maven) May 24, 2022
NotMyFault
Open redirect in Apache Shiro Moderate
CVE-2023-46750 was published for org.apache.shiro:shiro-web (Maven) Dec 14, 2023
Apache Tomcat Open Redirect vulnerability Moderate
CVE-2023-41080 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Aug 25, 2023
cdupuis
Jenkins OpenShift Login Plugin vulnerable to Open Redirect Moderate
CVE-2023-37947 was published for org.openshift.jenkins:openshift-login (Maven) Jul 12, 2023
org.xwiki.platform:xwiki-platform-oldcore Open Redirect vulnerability Moderate
CVE-2023-32068 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) May 15, 2023
Open redirect vulnerability in Jenkins GitLab Authentication Plugin Moderate
CVE-2022-25196 was published for org.jenkins-ci.plugins:gitlab-oauth (Maven) Feb 16, 2022
NotMyFault
Apache Sling Auth Core bundle vulnerable to Open Redirection Moderate
CVE-2013-4390 was published for org.apache.sling:org.apache.sling.auth.core (Maven) May 17, 2022
JBoss KeyCloak Open Redirect Moderate
CVE-2014-3652 was published for org.keycloak:keycloak-services (Maven) May 17, 2022
Apache Ambari Open Redirect Moderate
CVE-2015-5210 was published for org.apache.ambari:ambari (Maven) May 17, 2022
Keycloak Open Redirect Moderate
CVE-2018-14658 was published for org.keycloak:keycloak-core (Maven) May 13, 2022
spring-security-oauth and spring-security-oauth2 Open Redirect vulnerability Moderate
CVE-2019-3778 was published for org.springframework.security.oauth:spring-security-oauth (Maven) Mar 14, 2019
davidsnt
org.xwiki.platform:xwiki-platform-oldcore Open Redirect vulnerability Moderate
CVE-2023-29204 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Apr 12, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database