GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,237
Erlang: 31
GitHub Actions: 20
Go: 2,000
Maven: 5,000+
npm: 3,711
NuGet: 661
pip: 3,383
Pub: 11
RubyGems: 885
Rust: 849
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
992 advisories
The WebP Converter for Media WordPress plugin before 4.0.3 contains a file (passthru.php) which...
Moderate • Unreviewed • CVE-2021-25074 was published on Jan 25, 2022

node-fetch forwards secure headers to untrusted sites
High • CVE-2022-0235 was published for node-fetch (npm) on Jan 21, 2022

The AnyComment WordPress plugin through 0.2.17 has an API endpoint which passes user input via...
Moderate • Unreviewed • CVE-2021-24838 was published on Jan 18, 2022

An open redirect vulnerability has been reported to affect QNAP device running QcalAgent. If...
Moderate • Unreviewed • CVE-2021-38678 was published on Jan 15, 2022

URL parsing in node-forge could lead to undesired behavior.
Low • GHSA-gf8q-jrpm-jvxq was published for node-forge (npm) on Jan 8, 2022

Open redirect in shopware
Moderate • CVE-2022-21651 was published for shopware/shopware (Composer) on Jan 6, 2022

Open redirect vulnerability in GroupSession Free edition ver5.1.1 and earlier, GroupSession...
Moderate • Unreviewed • CVE-2021-20875 was published on Dec 25, 2021

Open redirect vulnerability in Sourcegraph
Moderate • CVE-2020-12283 was published for github.com/sourcegraph/sourcegraph (Go) on Dec 20, 2021

Open Redirect in oauth2_proxy
Moderate • CVE-2017-1000070 was published for github.com/bitly/oauth2_proxy (Go) on Dec 20, 2021

The pattern '/\domain.com' is not disallowed when redirecting, allowing for open redirect
Moderate • CVE-2020-5233 was published for github.com/oauth2-proxy/oauth2-proxy (Go) on Dec 20, 2021

Open Redirect in OAuth2 Proxy
High • CVE-2020-11053 was published for github.com/oauth2-proxy/oauth2-proxy (Go) on Dec 20, 2021

Open Redirect in OAuth2 Proxy
Moderate • CVE-2020-4037 was published for github.com/oauth2-proxy/oauth2-proxy (Go) on Dec 20, 2021

TCMAN GIM is affected by an open redirect vulnerability. This vulnerability allows the...
Moderate • Unreviewed • CVE-2021-40852 was published on Dec 18, 2021

An issue in /domain/service/.ewell-known/caldav of Zimbra Collaboration 8.8.12 allows attackers...
Moderate • Unreviewed • CVE-2020-18985 was published on Dec 17, 2021

Open redirect in @auth0/nextjs-auth0
Moderate • CVE-2021-43812 was published for @auth0/nextjs-auth0 (npm) on Dec 16, 2021

Open Redirect in showdoc
Moderate • CVE-2021-4000 was published for showdoc/showdoc (Composer) on Dec 16, 2021

actionpack Open Redirect in Host Authorization Middleware
Moderate • CVE-2021-44528 was published for actionpack (RubyGems) on Dec 14, 2021

Open Redirect in Flask-Security-Too
Low • GHSA-gxjj-f44v-qm94 was published for Flask-Security-Too (pip) on Dec 14, 2021 • withdrawn

openwhyd is vulnerable to URL Redirection to Untrusted Site
Moderate • Unreviewed • CVE-2021-3829 was published on Dec 11, 2021

Open Redirect in xdLocalStorage
Moderate • CVE-2020-11611 was published for xdLocalStorage (npm) on Dec 9, 2021

A url redirection to untrusted site ('open redirect') in Fortinet FortiWeb version 6.4.1 and...
Moderate • Unreviewed • CVE-2021-36191 was published on Dec 9, 2021

A url redirection to untrusted site ('open redirect') in Fortinet FortiWeb version 6.4.1 and 6.4...
Moderate • Unreviewed • CVE-2021-43064 was published on Dec 9, 2021

The 'Copy Image Link' context menu action would copy the final image URL after redirects. By...
Moderate • Unreviewed • CVE-2021-43532 was published on Dec 9, 2021
ProTip! Advisories are also available from the GraphQL API.