Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,466
Erlang
33
GitHub Actions
23
Go
2,166
Maven
5,000+
npm
3,830
NuGet
696
pip
3,507
Pub
12
RubyGems
909
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,062 advisories

Loading
Symfony vulnerable to open redirect via browser-sanitized URLs Low
CVE-2024-50345 was published for symfony/http-foundation (Composer) Nov 6, 2024
nicolas-grekas zer0yu
An Open-Redirect vulnerability exists in PingAM where well-crafted requests may cause improper... Moderate Unreviewed
CVE-2024-25566 was published Oct 29, 2024
HCL BigFix Compliance is affected by unvalidated redirects and forwards. The HOST header can be... Moderate Unreviewed
CVE-2024-30140 was published Nov 7, 2024
HAPI FHIR XML External Entity (XXE) vulnerability High
CVE-2024-51132 was published for ca.uhn.hapi.fhir:org.hl7.fhir.convertors (Maven) Nov 5, 2024
There is a low severity open redirect vulnerability within affected versions of Bitbucket Data... Low Unreviewed
CVE-2024-21684 was published Jul 24, 2024
Inadequate validation of URLs could result into an invalid check whether an redirect URL is... Moderate Unreviewed
CVE-2024-27184 was published Aug 20, 2024
URL spoofing vulnerability exists in a-blog cms Ver.3.1.0 to Ver.3.1.8. If an attacker sends a... Moderate Unreviewed
CVE-2024-25559 was published Feb 15, 2024
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Microchip TimeProvider 4100... High Unreviewed
CVE-2024-43683 was published Oct 4, 2024
VMware SD-WAN Orchestrator contains an open redirect vulnerability. A malicious actor may be... High Unreviewed
CVE-2024-22248 was published Apr 2, 2024
Open redirection vulnerability in CDeX application allows to redirect users to arbitrary websites... High Unreviewed
CVE-2024-2465 was published Mar 21, 2024
PbootCMS 3.2.8 is vulnerable to URL Redirect. Moderate Unreviewed
CVE-2024-42930 was published Oct 28, 2024
If a site had been granted the permission to open popup windows, it could cause Select elements... Moderate Unreviewed
CVE-2024-8386 was published Sep 3, 2024
Drupal has open redirect vulnerability in the Overlay module High
CVE-2013-6389 was published for drupal/drupal (Composer) May 17, 2022
Rudloff
Redirection of users to a vulnerable URL in Citrix Workspace app for HTML5 Moderate Unreviewed
CVE-2024-6149 was published Jul 10, 2024
An issue was discovered in ViewerJS 0.5.8. A script from the component loads content via URL TAGs... Moderate Unreviewed
CVE-2024-25676 was published May 1, 2024
Coder vulnerable to post-auth URL redirection to untrusted site ('Open Redirect') Moderate
GHSA-wcx9-ccpj-hx3c was published for github.com/coder/coder/v2 (Go) Oct 28, 2024
jchristov
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in WP Sunshine Sunshine Photo... Moderate Unreviewed
CVE-2024-50463 was published Oct 28, 2024
rdiffweb Open Redirect vulnerability Moderate
CVE-2022-4644 was published for rdiffweb (pip) Dec 22, 2022
rdiffweb vulnerable to Open Redirect High
CVE-2022-4720 was published for rdiffweb (pip) Dec 27, 2022
python-fedora vulnerable to an open redirect resulting in loss of CSRF protection Moderate
CVE-2017-1002150 was published for python-fedora (pip) Jul 13, 2018
Forwarding of confidentials headers to third parties in fluture-node Low
CVE-2022-24719 was published for fluture-node (npm) Mar 1, 2022
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in smp7, wp.Insider Simple... Moderate Unreviewed
CVE-2024-49682 was published Oct 24, 2024
Public Knowledge Project pkp-lib 3.4.0-7 and earlier is vulnerable to Open redirect due to a lack... Moderate Unreviewed
CVE-2024-46326 was published Oct 21, 2024
Cross-site Scripting and Open Redirect in Products.ATContentTypes Moderate
CVE-2022-23599 was published for Products.ATContentTypes (pip) Jan 28, 2022
URL Redirection to Untrusted Site ('Open Redirect') in Products.isurlinportal High
CVE-2021-32806 was published for Products.isurlinportal (pip) Aug 5, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database