GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,345 advisories
Open Redirect in CPython that affects users of OpenStack Nova
Moderate | CVE-2021-3654 was published for nova (pip) | Mar 4, 2022

Forwarding of confidential headers to third parties in fluture-node
Low | CVE-2022-24719 was published for fluture-node (npm) | Mar 1, 2022

An issue was discovered in the web application in Cherwell Service Management (CSM) 10.2.3....
Moderate | Unreviewed | CVE-2022-26156 was published | Mar 1, 2022

An issue was discovered in the web application in Cherwell Service Management (CSM) 10.2.3. It...
Moderate | Unreviewed | CVE-2022-26158 was published | Mar 1, 2022

In JetBrains TeamCity before 2021.2.1, a redirection to an external site was possible.
Moderate | Unreviewed | CVE-2022-24330 was published | Feb 26, 2022

A remote URL redirection vulnerability was discovered in HPE OneView Global Dashboard version(s):...
Moderate | Unreviewed | CVE-2021-29217 was published | Feb 25, 2022

Open Redirect in AllTube
Moderate | CVE-2022-0692 was published for rudloff/alltube (Composer) | Feb 23, 2022

Open redirect in microweber
Moderate | CVE-2022-0597 was published for microweber/microweber (Composer) | Feb 16, 2022

Open redirect vulnerability in Jenkins GitLab Authentication Plugin
Moderate | CVE-2022-25196 was published for org.jenkins-ci.plugins:gitlab-oauth (Maven) | Feb 16, 2022

Pivotal Concourse Open Redirect in Login Flow
Moderate | CVE-2018-15798 was published for github.com/concourse/concourse (Go) | Feb 15, 2022

Arbitrary redirects under /new endpoint
Moderate | CVE-2021-29622 was published for github.com/prometheus/prometheus (Go) | Feb 15, 2022

The WordPress Newsletter Plugin WordPress plugin before 1.6.5 does not validate the to parameter...
Moderate | Unreviewed | CVE-2021-25033 was published | Feb 15, 2022

Open redirect in microweber
Moderate | CVE-2022-0560 was published for microweber/microweber (Composer) | Feb 12, 2022

Traefik vulnerable to Open Redirect via handling of X-Forwarded-Prefix header
Moderate | CVE-2020-15129 was published for github.com/containous/traefik (Go) | Feb 11, 2022

Open Redirect in koa-remove-trailing-slashes
Moderate | CVE-2021-23384 was published for koa-remove-trailing-slashes (npm) | Feb 10, 2022

Open Redirect vulnerability exists in SeedDMS 6.0.15 in out.Login.php, which allows remote...
Moderate | Unreviewed | CVE-2021-45408 was published | Feb 10, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0)....
Moderate | Unreviewed | CVE-2022-23102 was published | Feb 10, 2022

URL Redirection to Untrusted Site ('Open Redirect')
Moderate | CVE-2022-23618 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) | Feb 9, 2022

Open redirect in Gitea
Moderate | CVE-2021-45328 was published for github.com/go-gitea/gitea (Go) | Feb 9, 2022

In affected Octopus Server versions when the server HTTP and HTTPS bindings are configured to...
Moderate | Unreviewed | CVE-2022-23184 was published | Feb 8, 2022

Cross-site Scripting and Open Redirect in plone.app.contenttypes
Moderate | GHSA-f7qw-5fgj-247x was published for plone.app.contenttypes (pip) | Feb 1, 2022

Unsafe handling of user-specified cookies in treq
High | CVE-2022-23607 was published for treq (pip) | Feb 1, 2022

Adenza AxiomSL ControllerView through 10.8.1 allows redirection for SSO login URLs.
Moderate | Unreviewed | CVE-2022-22919 was published | Jan 31, 2022