GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
216 advisories
Filter by severity
Open Redirect URL in Harbor
Moderate
CVE-2024-22244
was published
for
github.com/goharbor/harbor
(Go)
Jun 2, 2024
Silverstripe External redirection risk in Security?ReturnURL
Moderate
GHSA-vp8p-c6xj-xpj7
was published
for
silverstripe/framework
(Composer)
May 23, 2024
Umbraco CMS Open Redirect Bypass Protection
Moderate
CVE-2024-34071
was published
for
Umbraco.Cms.Web.BackOffice
(NuGet)
May 21, 2024
OroPlatform Forced Redirect to External Website
Moderate
GHSA-3vhm-q4w3-rw8q
was published
for
oro/platform
(Composer)
May 20, 2024
OroCRM Forced Redirect to External Website
Moderate
GHSA-v8hp-239v-9367
was published
for
oro/crm
(Composer)
May 20, 2024
Drupal core Open Redirect vulnerability
Moderate
GHSA-wxfg-253g-m7r4
was published
for
drupal/drupal
(Composer)
May 15, 2024
Drupal Anonymous Open Redirect
Moderate
GHSA-x6v2-xmrq-574j
was published
for
drupal/drupal
(Composer)
May 15, 2024
Drupal External URL injection through URL aliases leading to Open Redirect
Moderate
GHSA-r67r-42wx-c8r7
was published
for
drupal/drupal
(Composer)
May 15, 2024
Drupal core Open Redirect vulnerability
Moderate
GHSA-6gf6-24h2-66j4
was published
for
drupal/core
(Composer)
May 15, 2024
Drupal Anonymous Open Redirect
Moderate
GHSA-gfvf-2f25-f34r
was published
for
drupal/core
(Composer)
May 15, 2024
Drupal External URL injection through URL aliases leading to Open Redirect
Moderate
GHSA-7f4f-p7mq-p4fv
was published
for
drupal/core
(Composer)
May 15, 2024
Privilege Escalation in Kubernetes
Moderate
CVE-2020-8559
was published
for
k8s.io/apimachinery
(Go)
Apr 24, 2024
cg vulnerable to an Open Redirect Vulnerability on Referer Header
Moderate
GHSA-w228-rfpx-fhm4
was published
for
cg
(pip)
Apr 23, 2024
Keycloak Cross-site Scripting (XSS) via assertion consumer service URL in SAML POST-binding flow
Moderate
CVE-2023-6717
was published
for
org.keycloak:keycloak-services
(Maven)
Apr 17, 2024
gradio Server-Side Request Forgery vulnerability
Moderate
CVE-2024-1183
was published
for
gradio
(pip)
Apr 16, 2024
Express.js Open Redirect in malformed URLs
Moderate
CVE-2024-29041
was published
for
express
(npm)
Mar 25, 2024
URL Redirection to Untrusted Site in OAuth2/OpenID in directus
Moderate
CVE-2024-28239
was published
for
directus
(npm)
Mar 12, 2024
Docassemble open redirect
Moderate
CVE-2024-27291
was published
for
docassemble.webapp
(pip)
Feb 29, 2024
Open Redirect in github.com/greenpau/caddy-security
Moderate
CVE-2024-21497
was published
for
github.com/greenpau/caddy-security
(Go)
Feb 17, 2024
pyLoad open redirect vulnerability due to improper validation of the is_safe_url function
Moderate
CVE-2024-24808
was published
for
pyload-ng
(pip)
Feb 5, 2024
keycloak-core: open redirect via "form_post.jwt" JARM response mode
Moderate
GHSA-9vm7-v8wj-3fqw
was published
for
org.keycloak:keycloak-core
(Maven)
Jan 23, 2024
Follow Redirects improperly handles URLs in the url.parse() function
Moderate
CVE-2023-26159
was published
for
follow-redirects
(npm)
Jan 2, 2024
Open redirect vulnerability in Flask-Security-Too
Moderate
CVE-2023-49438
was published
for
Flask-Security-Too
(pip)
Dec 27, 2023
Keycloak Open Redirect vulnerability
Moderate
CVE-2023-6927
was published
for
org.keycloak:keycloak-parent
(Maven)
Dec 19, 2023
ProTip!
Advisories are also available from the
GraphQL API