Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,247
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

14 advisories

Loading
Open Redirect in serve-static Low
CVE-2015-1164 was published for serve-static (npm) Aug 31, 2020
Open Redirect in Flask-Security-Too Low
GHSA-gxjj-f44v-qm94 was published for Flask-Security-Too (pip) Dec 14, 2021 withdrawn
Subdomain checking of whitelisted domains could allow unintended redirects in oauth2-proxy Low
CVE-2021-21291 was published for github.com/oauth2-proxy/oauth2-proxy (Go) May 25, 2021
semoac
URL parsing in node-forge could lead to undesired behavior. Low
GHSA-gf8q-jrpm-jvxq was published for node-forge (npm) Jan 8, 2022
kurt-r2c
OIDC Logout redirect in keycloak Low
CVE-2020-10734 was published for org.keycloak:keycloak-oidc-client-adapter-pom (Maven) Apr 28, 2022
sonOfRa
undici before v5.8.0 vulnerable to uncleared cookies on cross-host / cross-origin redirect Low
CVE-2022-31151 was published for undici (npm) Jul 21, 2022
Haxatron
Open redirects on some federation and push requests Low
CVE-2021-21273 was published for matrix-synapse (pip) Feb 26, 2021
mscherer
URL Redirection to Untrusted Site ('Open Redirect') in Products.PluggableAuthService Low
CVE-2021-21337 was published for Products.PluggableAuthService (pip) Mar 8, 2021
jugmac00 xoffense
Open Redirect in Flask-Security-Too Low
CVE-2021-32618 was published for Flask-Security-Too (pip) May 17, 2021
tdunlap607
Forwarding of confidentials headers to third parties in fluture-node Low
CVE-2022-24719 was published for fluture-node (npm) Mar 1, 2022
code.gitea.io/gitea Open Redirect vulnerability Low
CVE-2023-3515 was published for code.gitea.io/gitea (Go) Jul 5, 2023
Flarum's logout Route allows open redirects Low
CVE-2024-21641 was published for flarum/core (Composer) Jan 5, 2024
imorland DavideIadeluca
October System module has an Open Redirect for Administrator Accounts Low
CVE-2024-24764 was published for october/system (Composer) Jun 26, 2024
`aiohttp` Open Redirect vulnerability (`normalize_path_middleware` middleware) Low
CVE-2021-21330 was published for aiohttp (pip) Feb 26, 2021
jelmer g147
ProTip! Advisories are also available from the GraphQL API