GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
27 advisories
Filter by severity
Express.js Open Redirect in malformed URLs
Moderate
CVE-2024-29041
was published
for
express
(npm)
Mar 25, 2024
URL Redirection to Untrusted Site in OAuth2/OpenID in directus
Moderate
CVE-2024-28239
was published
for
directus
(npm)
Mar 12, 2024
Follow Redirects improperly handles URLs in the url.parse() function
Moderate
CVE-2023-26159
was published
for
follow-redirects
(npm)
Jan 2, 2024
DOMPurify Open Redirect vulnerability
Moderate
CVE-2019-25155
was published
for
dompurify
(npm)
Nov 14, 2023
@keystone-6/auth Open Redirect vulnerability
Moderate
CVE-2023-34247
was published
for
@keystone-6/auth
(npm)
Jun 14, 2023
URIjs Vulnerable to Hostname spoofing via backslashes in URL
Moderate
CVE-2021-3647
was published
for
urijs
(npm)
Jul 19, 2021
Open Redirect in koa-remove-trailing-slashes
Moderate
CVE-2021-23384
was published
for
koa-remove-trailing-slashes
(npm)
Feb 10, 2022
keycloak-connect contains Open redirect vulnerability in the Node.js adapter
Moderate
CVE-2022-2237
was published
for
keycloak-connect
(npm)
Mar 2, 2023
@okta/oidc-middlewareOpen Redirect vulnerability
Moderate
CVE-2022-3145
was published
for
@okta/oidc-middleware
(npm)
Jan 9, 2023
Open redirect in @auth0/nextjs-auth0
Moderate
CVE-2021-43812
was published
for
@auth0/nextjs-auth0
(npm)
Dec 16, 2021
URL Redirection to Untrusted Site ('Open Redirect') in fastify-static
Moderate
CVE-2021-22963
was published
for
fastify-static
(npm)
Oct 5, 2021
Open Redirect in trailing-slash
Moderate
CVE-2021-23387
was published
for
trailing-slash
(npm)
Jun 8, 2021
Open Redirect in xdLocalStorage
Moderate
CVE-2020-11611
was published
for
xdLocalStorage
(npm)
Dec 9, 2021
Oils JS vulnerable to Open Redirect
Moderate
CVE-2021-4260
was published
for
oils
(npm)
Dec 19, 2022
URL Redirection to Untrusted Site ('Open Redirect') in next-auth
Moderate
CVE-2022-29214
was published
for
next-auth
(npm)
May 24, 2022
NextAuth.js default redirect callback vulnerable to open redirects
Moderate
CVE-2022-24858
was published
for
next-auth
(npm)
Apr 22, 2022
URL Confusion When Scheme Not Supplied in medialize/uri.js
Moderate
CVE-2022-1233
was published
for
urijs
(npm)
Apr 5, 2022
ProTip!
Advisories are also available from the
GraphQL API