GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
34 advisories
Filter by severity
Coder vulnerable to post-auth URL redirection to untrusted site ('Open Redirect')
Moderate
GHSA-wcx9-ccpj-hx3c
was published
for
github.com/coder/coder/v2
(Go)
Oct 28, 2024
lorawan-stack Open Redirect vulnerability
Moderate
CVE-2023-26494
was published
for
go.thethings.network/lorawan-stack/v3
(Go)
Aug 5, 2024
Open Redirect URL in Harbor
Moderate
CVE-2024-22244
was published
for
github.com/goharbor/harbor
(Go)
Jun 2, 2024
Open Redirect in github.com/AndrewBurian/powermux
Moderate
CVE-2021-32721
was published
for
github.com/AndrewBurian/powermux
(Go)
Jul 1, 2021
Open Redirect in Caddy
Moderate
CVE-2022-28923
was published
for
github.com/caddyserver/caddy/v2
(Go)
Feb 7, 2023
Macaron i18n Open Redirect vulnerability
Moderate
CVE-2020-36627
was published
for
github.com/go-macaron/i18n
(Go)
Dec 25, 2022
gopkg.in/macaron.v1 Open Redirect vulnerability
Moderate
CVE-2020-12666
was published
for
gopkg.in/macaron.v1
(Go)
May 18, 2021
Privilege Escalation in Kubernetes
Moderate
CVE-2020-8559
was published
for
k8s.io/apimachinery
(Go)
Apr 24, 2024
Open Redirect in github.com/greenpau/caddy-security
Moderate
CVE-2024-21497
was published
for
github.com/greenpau/caddy-security
(Go)
Feb 17, 2024
Open Redirect in OAuth2 Proxy
High
CVE-2020-11053
was published
for
github.com/oauth2-proxy/oauth2-proxy
(Go)
Dec 20, 2021
code.gitea.io/gitea Open Redirect vulnerability
Low
CVE-2023-3515
was published
for
code.gitea.io/gitea
(Go)
Jul 5, 2023
Mattermost Open Redirect vulnerability
Moderate
CVE-2023-47168
was published
for
github.com/mattermost/mattermost-server/v6
(Go)
Nov 27, 2023
Open redirect vulnerability in Sourcegraph
Moderate
CVE-2020-12283
was published
for
github.com/sourcegraph/sourcegraph
(Go)
Dec 20, 2021
pomerium_signature is not verified in middleware in github.com/pomerium/pomerium
Moderate
CVE-2021-29652
was published
for
github.com/pomerium/pomerium
(Go)
May 21, 2021
JWT leak via Open Redirect in Programmatic access
Moderate
CVE-2021-29651
was published
for
github.com/pomerium/pomerium
(Go)
May 21, 2021
Pivotal Concourse Open Redirect in Login Flow
Moderate
CVE-2018-15798
was published
for
github.com/concourse/concourse
(Go)
Feb 15, 2022
Open Redirect in oauth2_proxy
Moderate
CVE-2017-1000070
was published
for
github.com/bitly/oauth2_proxy
(Go)
Dec 20, 2021
Labstack Echo Open Redirect vulnerability
Critical
CVE-2022-40083
was published
for
github.com/labstack/echo/v4
(Go)
Sep 29, 2022
Authelia allows open redirects on the logout endpoint
Moderate
CVE-2021-29456
was published
for
github.com/authelia/authelia/v4
(Go)
Mar 16, 2023
coreDNS vulnerable to Improper Restriction of Communication Channel to Intended Endpoints
Moderate
CVE-2022-2837
was published
for
github.com/coredns/coredns
(Go)
Mar 3, 2023
Open redirect in caddy
Moderate
CVE-2022-29718
was published
for
github.com/caddyserver/caddy
(Go)
Jun 3, 2022
scs-library-client may leak user credentials to third-party service via HTTP redirect
Moderate
CVE-2022-23538
was published
for
github.com/sylabs/scs-library-client
(Go)
Jan 20, 2023
Open redirect in Gitea
Moderate
CVE-2021-45328
was published
for
github.com/go-gitea/gitea
(Go)
Feb 9, 2022
Incomplete List of Disallowed Inputs in Kubernetes
Moderate
CVE-2021-25737
was published
for
k8s.io/kubernetes
(Go)
Sep 7, 2021
ProTip!
Advisories are also available from the
GraphQL API