Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,968
Erlang
39
GitHub Actions
38
Go
2,616
Maven
5,000+
npm
4,255
NuGet
760
pip
4,040
Pub
12
RubyGems
953
Rust
1,050
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,056 advisories

Loading
pomerium_signature is not verified in middleware in github.com/pomerium/pomerium Moderate
CVE-2021-29652 was published for github.com/pomerium/pomerium (Go) May 21, 2021
cure53
Credited to cure53
gopkg.in/macaron.v1 Open Redirect vulnerability Moderate
CVE-2020-12666 was published for gopkg.in/macaron.v1 (Go) May 18, 2021
Possible Open Redirect Vulnerability in Action Pack Moderate
CVE-2021-22903 was published for actionpack (RubyGems) May 5, 2021
Open Redirect in werkzeug Moderate
CVE-2020-28724 was published for werkzeug (pip) Apr 20, 2021
Open Redirect in autobahn Moderate
CVE-2020-35678 was published for autobahn (pip) Apr 20, 2021
OMERO webclient does not validate URL redirects on login or switching group. Moderate
CVE-2021-21377 was published for omero-web (pip) Mar 23, 2021
Open Redirection in Login Handling Moderate
CVE-2021-21338 was published for typo3/cms (Composer) Mar 23, 2021
einpraegsam derhansen
Credited to einpraegsam and derhansen
URL Redirection to Untrusted Site ('Open Redirect') in Products.PluggableAuthService Moderate
CVE-2021-21337 was published for Products.PluggableAuthService (pip) Mar 8, 2021
jugmac00 xoffense
Credited to jugmac00 and xoffense
Actionpack Open Redirect Vulnerability Moderate
CVE-2021-22881 was published for actionpack (RubyGems) Mar 2, 2021
Open redirects on some federation and push requests Moderate
CVE-2021-21273 was published for matrix-synapse (pip) Feb 26, 2021
mscherer
Credited to mscherer
Open redirect in Slashify Moderate
CVE-2021-3189 was published for slashify (npm) Feb 5, 2021
Jupyter Server open redirect vulnerability Moderate
CVE-2020-26275 was published for jupyter-server (pip) Dec 21, 2020
Yaniv-git
Credited to Yaniv-git
Open redirect in Jupyter Server Moderate
CVE-2020-26232 was published for jupyter-server (pip) Nov 24, 2020
Cross-Site Scripting in ternary conditional operator Moderate
CVE-2020-15241 was published for typo3/cms (Composer) Oct 8, 2020
billdagou NamelessCoder
Credited to billdagou and NamelessCoder
Open Redirect in Next.js versions Moderate
CVE-2020-15242 was published for next (npm) Oct 8, 2020
Open Redirect in apostrophe Moderate
GHSA-h97g-4mx7-5p2p was published for apostrophe (npm) Sep 3, 2020
URL Redirection to Untrusted Site (Open Redirect) in Ktor Moderate
CVE-2019-19703 was published for io.ktor:ktor-client-core (Maven) Feb 12, 2020
Open Redirect in Spring Security OAuth Moderate
CVE-2019-11269 was published for org.springframework.security.oauth:spring-security-oauth (Maven) Jun 13, 2019
SunBK201
Credited to SunBK201
Jupyter Notebook open redirect vulnerability Moderate
CVE-2019-10856 was published for notebook (pip) Apr 9, 2019
Open Redirect vulnerability in jupyterhub and notebook Moderate
CVE-2019-10255 was published for jupyterhub (pip) Apr 2, 2019
Doorkeeper-openid_connect contains Open Redirect Moderate
CVE-2019-9837 was published for doorkeeper-openid_connect (RubyGems) Mar 25, 2019
spring-security-oauth and spring-security-oauth2 Open Redirect vulnerability Moderate
CVE-2019-3778 was published for org.springframework.security.oauth:spring-security-oauth (Maven) Mar 14, 2019
davidsnt
Credited to davidsnt
Django open redirect and possible XSS attack via user-supplied numeric redirect URLs Moderate
CVE-2017-7233 was published for Django (pip) Jan 4, 2019
sunSUNQ
Credited to sunSUNQ
Django open redirect Moderate
CVE-2017-7234 was published for django (pip) Jan 4, 2019
MarkLee131
Credited to MarkLee131
Plone Open Redirect Moderate
CVE-2017-1000484 was published for Plone (pip) Jan 4, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database