Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,112
Maven
5,000+
npm
3,767
NuGet
680
pip
3,454
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

228 advisories

Loading
WebOb's location header normalization during redirect leads to open redirect Moderate
CVE-2024-42353 was published for webob (pip) Aug 14, 2024
Flarum's logout Route allows open redirects Moderate
CVE-2024-21641 was published for flarum/core (Composer) Jan 5, 2024
imorland DavideIadeluca
anonymous-nlp-student
TYPO3 Potential Open Redirect via Parsing Differences Moderate
CVE-2024-55892 was published for typo3/cms-core (Composer) Jan 14, 2025
keycloak-core: open redirect via "form_post.jwt" JARM response mode Moderate
CVE-2023-6927 was published for org.keycloak:keycloak-core (Maven) Jan 23, 2024
PontusHanssen kasperkarlsson
Chetven
Duplicate Advisory: Keycloak Open Redirect vulnerability Moderate
GHSA-3p75-q5cc-qmj7 was published for org.keycloak:keycloak-parent (Maven) Dec 19, 2023 withdrawn
Keycloak has Vulnerable Redirect URI Validation Results in Open Redirect Moderate
CVE-2024-8883 was published for org.keycloak:keycloak-services (Maven) Oct 14, 2024
Chetven
BunkerWeb has Open Redirect Vulnerability in Loading Page Moderate
CVE-2024-53264 was published for github.com/bunkerity/bunkerweb (Go) Dec 2, 2024
adventure8812
Traefik's X-Forwarded-Prefix Header still allows for Open Redirect Moderate
CVE-2024-52003 was published for github.com/traefik/traefik/v2 (Go) Dec 2, 2024
kunte0
rdiffweb vulnerable to Open Redirect Moderate
CVE-2022-3438 was published for rdiffweb (pip) Oct 10, 2022
Open Redirect in werkzeug Moderate
CVE-2020-28724 was published for werkzeug (pip) Apr 20, 2021
Authorization Header forwarded on redirect Moderate
CVE-2018-25091 was published for urllib3 (pip) Oct 15, 2023
Open redirect in Tornado Moderate
CVE-2023-28370 was published for tornado (pip) May 25, 2023
christian-ruiz bdarnell
Trac Open redirect vulnerability Moderate
CVE-2008-2951 was published for trac (pip) May 1, 2022
Flask-AppBuilder Open Redirect vulnerability Moderate
CVE-2021-32805 was published for Flask-AppBuilder (pip) Sep 8, 2021
Open redirect vulnerability in Jenkins OpenId Connect Authentication Plugin Moderate
CVE-2023-50771 was published for org.jenkins-ci.plugins:oic-auth (Maven) Dec 13, 2023
westonsteimel
Coder vulnerable to post-auth URL redirection to untrusted site ('Open Redirect') Moderate
GHSA-wcx9-ccpj-hx3c was published for github.com/coder/coder/v2 (Go) Oct 28, 2024
jchristov
rdiffweb Open Redirect vulnerability Moderate
CVE-2022-4644 was published for rdiffweb (pip) Dec 22, 2022
python-fedora vulnerable to an open redirect resulting in loss of CSRF protection Moderate
CVE-2017-1002150 was published for python-fedora (pip) Jul 13, 2018
Cross-site Scripting and Open Redirect in Products.ATContentTypes Moderate
CVE-2022-23599 was published for Products.ATContentTypes (pip) Jan 28, 2022
URL Redirection to Untrusted Site ('Open Redirect') in Products.PluggableAuthService Moderate
CVE-2021-21337 was published for Products.PluggableAuthService (pip) Mar 8, 2021
jugmac00 xoffense
Plone Open Redirect Moderate
CVE-2017-1000484 was published for Plone (pip) Jan 4, 2019
Plone Open Redirect Vulnerability Moderate
CVE-2020-7936 was published for Plone (pip) May 24, 2022
Products.CMFPlone Open Redirect Vulnerability Moderate
CVE-2017-1000481 was published for Plone (pip) May 14, 2022
Plone Open Redirect Vulnerability Moderate
CVE-2016-7137 was published for plone (pip) May 14, 2022
OMERO webclient does not validate URL redirects on login or switching group. Moderate
CVE-2021-21377 was published for omero-web (pip) Mar 23, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database