Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,968
Erlang
39
GitHub Actions
38
Go
2,616
Maven
5,000+
npm
4,255
NuGet
760
pip
4,040
Pub
12
RubyGems
953
Rust
1,050
Swift
45
Unreviewed advisories
All unreviewed
5,000+

336 advisories

Loading
python-fedora vulnerable to an open redirect resulting in loss of CSRF protection Moderate
CVE-2017-1002150 was published for python-fedora (pip) Jul 13, 2018
Open Redirect in hekto Moderate
CVE-2018-3743 was published for hekto (npm) Jul 18, 2018
Open Redirect in st Moderate
CVE-2017-16224 was published for st (npm) Aug 6, 2018
Django open redirect Moderate
CVE-2018-14574 was published for Django (pip) Oct 4, 2018
MarkLee131
Credited to MarkLee131
Moderate severity vulnerability that affects org.apache.juddi:juddi-client Moderate
CVE-2015-5241 was published for org.apache.juddi:juddi-client (Maven) Oct 16, 2018
Apache Tomcat Open Redirect vulnerability Moderate
CVE-2018-11784 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Oct 17, 2018
sunSUNQ
Credited to sunSUNQ
Plone Open Redirect Moderate
CVE-2017-1000484 was published for Plone (pip) Jan 4, 2019
Django open redirect Moderate
CVE-2017-7234 was published for django (pip) Jan 4, 2019
MarkLee131
Credited to MarkLee131
Django open redirect and possible XSS attack via user-supplied numeric redirect URLs Moderate
CVE-2017-7233 was published for Django (pip) Jan 4, 2019
sunSUNQ
Credited to sunSUNQ
spring-security-oauth and spring-security-oauth2 Open Redirect vulnerability Moderate
CVE-2019-3778 was published for org.springframework.security.oauth:spring-security-oauth (Maven) Mar 14, 2019
davidsnt
Credited to davidsnt
Doorkeeper-openid_connect contains Open Redirect Moderate
CVE-2019-9837 was published for doorkeeper-openid_connect (RubyGems) Mar 25, 2019
Open Redirect vulnerability in jupyterhub and notebook Moderate
CVE-2019-10255 was published for jupyterhub (pip) Apr 2, 2019
Jupyter Notebook open redirect vulnerability Moderate
CVE-2019-10856 was published for notebook (pip) Apr 9, 2019
Open Redirect in Spring Security OAuth Moderate
CVE-2019-11269 was published for org.springframework.security.oauth:spring-security-oauth (Maven) Jun 13, 2019
SunBK201
Credited to SunBK201
Open Redirect in httpie High
CVE-2019-10751 was published for httpie (pip) Aug 27, 2019
smartbanner.js rel noopener vulnerability Low
CVE-2025-25300 was published for smartbanner.js (npm) Sep 13, 2019
URL Redirection to Untrusted Site (Open Redirect) in Ktor Moderate
CVE-2019-19703 was published for io.ktor:ktor-client-core (Maven) Feb 12, 2020
Open Redirect in ecstatic High
GHSA-9q64-mpxx-87fg was published for ecstatic (npm) Apr 1, 2020
Open Redirect in serve-static Low
CVE-2015-1164 was published for serve-static (npm) Aug 31, 2020
Open Redirect in apostrophe Moderate
GHSA-h97g-4mx7-5p2p was published for apostrophe (npm) Sep 3, 2020
Open Redirect in Next.js versions Moderate
CVE-2020-15242 was published for next (npm) Oct 8, 2020
Cross-Site Scripting in ternary conditional operator Moderate
CVE-2020-15241 was published for typo3/cms (Composer) Oct 8, 2020
billdagou NamelessCoder
Credited to billdagou and NamelessCoder
Update bitlyshortener to >=0.5.0 to prevent generating some invalid short URLs High
GHSA-r82c-j4mq-5xfw was published for bitlyshortener (pip) Oct 27, 2020
Open redirect in Jupyter Notebook Low
CVE-2020-26215 was published for notebook (pip) Nov 18, 2020
Open redirect in Jupyter Server Moderate
CVE-2020-26232 was published for jupyter-server (pip) Nov 24, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database