
GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

35 advisories

The pattern '/\domain.com' is not disallowed when redirecting, allowing for open redirect (Moderate severity)
CVE-2020-5233 was published for github.com/oauth2-proxy/oauth2-proxy (Go) Dec 20, 2021
Open Redirect in OAuth2 Proxy (Moderate severity)
CVE-2020-4037 was published for github.com/oauth2-proxy/oauth2-proxy (Go) Dec 20, 2021
Incomplete List of Disallowed Inputs in Kubernetes (Moderate severity)
CVE-2021-25737 was published for k8s.io/kubernetes (Go) Sep 7, 2021
Open Redirect in github.com/AndrewBurian/powermux (Moderate severity)
CVE-2021-32721 was published for github.com/AndrewBurian/powermux (Go) Jul 1, 2021
Open Redirect (Moderate severity)
CVE-2018-15178 was published for gogs.io/gogs (Go) Jun 29, 2021
OAuth2 Redirect URL validity does not respect query parameters and character casing for loopback addresses (Moderate severity)
CVE-2020-15233 was published for github.com/ory/fosite (Go) May 24, 2021
Credited to mitar and aeneasr
Redirect URL matching ignores character casing (Moderate severity)
CVE-2020-15234 was published for github.com/ory/fosite (Go) May 24, 2021
Credited to mitar
JWT leak via Open Redirect in Programmatic access (Moderate severity)
CVE-2021-29651 was published for github.com/pomerium/pomerium (Go) May 21, 2021
Credited to cure53
pomerium_signature is not verified in middleware in github.com/pomerium/pomerium (Moderate severity)
CVE-2021-29652 was published for github.com/pomerium/pomerium (Go) May 21, 2021
Credited to cure53
gopkg.in/macaron.v1 Open Redirect vulnerability (Moderate severity)
CVE-2020-12666 was published for gopkg.in/macaron.v1 (Go) May 18, 2021