GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,249
Erlang
31
GitHub Actions
21
Go
2,018
Maven
5,000+
npm
3,723
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
857
Swift
36
Unreviewed advisories
All unreviewed
5,000+
27 advisories
Filter by severity
Open Redirect in apostrophe
Moderate
GHSA-h97g-4mx7-5p2p
was published
for
apostrophe
(npm)
Sep 3, 2020
URL Confusion When Scheme Not Supplied in medialize/uri.js
Moderate
CVE-2022-1233
was published
for
urijs
(npm)
Apr 5, 2022
NextAuth.js default redirect callback vulnerable to open redirects
Moderate
CVE-2022-24858
was published
for
next-auth
(npm)
Apr 22, 2022
URL Redirection to Untrusted Site ('Open Redirect') in next-auth
Moderate
CVE-2022-29214
was published
for
next-auth
(npm)
May 24, 2022
Oils JS vulnerable to Open Redirect
Moderate
CVE-2021-4260
was published
for
oils
(npm)
Dec 19, 2022
Open Redirect in xdLocalStorage
Moderate
CVE-2020-11611
was published
for
xdLocalStorage
(npm)
Dec 9, 2021
Open Redirect in trailing-slash
Moderate
CVE-2021-23387
was published
for
trailing-slash
(npm)
Jun 8, 2021
URL Redirection to Untrusted Site ('Open Redirect') in fastify-static
Moderate
CVE-2021-22963
was published
for
fastify-static
(npm)
Oct 5, 2021
Open redirect in @auth0/nextjs-auth0
Moderate
CVE-2021-43812
was published
for
@auth0/nextjs-auth0
(npm)
Dec 16, 2021
@okta/oidc-middlewareOpen Redirect vulnerability
Moderate
CVE-2022-3145
was published
for
@okta/oidc-middleware
(npm)
Jan 9, 2023
keycloak-connect contains Open redirect vulnerability in the Node.js adapter
Moderate
CVE-2022-2237
was published
for
keycloak-connect
(npm)
Mar 2, 2023
Open Redirect in koa-remove-trailing-slashes
Moderate
CVE-2021-23384
was published
for
koa-remove-trailing-slashes
(npm)
Feb 10, 2022
URIjs Vulnerable to Hostname spoofing via backslashes in URL
Moderate
CVE-2021-3647
was published
for
urijs
(npm)
Jul 19, 2021
@keystone-6/auth Open Redirect vulnerability
Moderate
CVE-2023-34247
was published
for
@keystone-6/auth
(npm)
Jun 14, 2023
DOMPurify Open Redirect vulnerability
Moderate
CVE-2019-25155
was published
for
dompurify
(npm)
Nov 14, 2023
Follow Redirects improperly handles URLs in the url.parse() function
Moderate
CVE-2023-26159
was published
for
follow-redirects
(npm)
Jan 2, 2024
ProTip!
Advisories are also available from the
GraphQL API