GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
992 advisories
Open redirect in @auth0/nextjs-auth0
Severity: Moderate. CVE-2021-43812 was published for @auth0/nextjs-auth0 (npm) on Dec 16, 2021.

An issue in /domain/service/.ewell-known/caldav of Zimbra Collaboration 8.8.12 allows attackers...
Severity: Moderate (Unreviewed). CVE-2020-18985 was published on Dec 17, 2021.

TCMAN GIM is affected by an open redirect vulnerability. This vulnerability allows the...
Severity: Moderate (Unreviewed). CVE-2021-40852 was published on Dec 18, 2021.

Open Redirect in OAuth2 Proxy
Severity: Moderate. CVE-2020-4037 was published for github.com/oauth2-proxy/oauth2-proxy (Go) on Dec 20, 2021.

Open Redirect in OAuth2 Proxy
Severity: High. CVE-2020-11053 was published for github.com/oauth2-proxy/oauth2-proxy (Go) on Dec 20, 2021.

The pattern '/\domain.com' is not disallowed when redirecting, allowing for open redirect
Severity: Moderate. CVE-2020-5233 was published for github.com/oauth2-proxy/oauth2-proxy (Go) on Dec 20, 2021.

Open Redirect in oauth2_proxy
Severity: Moderate. CVE-2017-1000070 was published for github.com/bitly/oauth2_proxy (Go) on Dec 20, 2021.

Open redirect vulnerability in Sourcegraph
Severity: Moderate. CVE-2020-12283 was published for github.com/sourcegraph/sourcegraph (Go) on Dec 20, 2021.

Open redirect vulnerability in GroupSession Free edition ver5.1.1 and earlier, GroupSession...
Severity: Moderate (Unreviewed). CVE-2021-20875 was published on Dec 25, 2021.

Open redirect in shopware
Severity: Moderate. CVE-2022-21651 was published for shopware/shopware (Composer) on Jan 6, 2022.

URL parsing in node-forge could lead to undesired behavior.
Severity: Low. GHSA-gf8q-jrpm-jvxq was published for node-forge (npm) on Jan 8, 2022.

An open redirect vulnerability has been reported to affect QNAP device running QcalAgent. If...
Severity: Moderate (Unreviewed). CVE-2021-38678 was published on Jan 15, 2022.

The AnyComment WordPress plugin through 0.2.17 has an API endpoint which passes user input via...
Severity: Moderate (Unreviewed). CVE-2021-24838 was published on Jan 18, 2022.

node-fetch forwards secure headers to untrusted sites
Severity: High. CVE-2022-0235 was published for node-fetch (npm) on Jan 21, 2022.

The WebP Converter for Media WordPress plugin before 4.0.3 contains a file (passthru.php) which...
Severity: Moderate (Unreviewed). CVE-2021-25074 was published on Jan 25, 2022.

The Event Tickets WordPress plugin before 5.2.2 does not validate the tribe_tickets_redirect_to...
Severity: Moderate (Unreviewed). CVE-2021-25028 was published on Jan 25, 2022.

Cross-site Scripting and Open Redirect in Products.ATContentTypes
Severity: Moderate. CVE-2022-23599 was published for Products.ATContentTypes (pip) on Jan 28, 2022.

Adenza AxiomSL ControllerView through 10.8.1 allows redirection for SSO login URLs.
Severity: Moderate (Unreviewed). CVE-2022-22919 was published on Jan 31, 2022.

Unsafe handling of user-specified cookies in treq
Severity: High. CVE-2022-23607 was published for treq (pip) on Feb 1, 2022.

Cross-site Scripting and Open Redirect in plone.app.contenttypes
Severity: Moderate. GHSA-f7qw-5fgj-247x was published for plone.app.contenttypes (pip) on Feb 1, 2022.

In affected Octopus Server versions when the server HTTP and HTTPS bindings are configured to...
Severity: Moderate (Unreviewed). CVE-2022-23184 was published on Feb 8, 2022.

Open redirect in Gitea
Severity: Moderate. CVE-2021-45328 was published for github.com/go-gitea/gitea (Go) on Feb 9, 2022.

URL Redirection to Untrusted Site ('Open Redirect')
Severity: Moderate. CVE-2022-23618 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) on Feb 9, 2022.
ProTip! Advisories are also available from the GraphQL API.