GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
27 advisories
`aiohttp` Open Redirect vulnerability (`normalize_path_middleware` middleware)
Low
CVE-2021-21330
was published
for
aiohttp
(pip)
Feb 26, 2021
Open Redirect in Flask-Security-Too
Low
CVE-2021-32618
was published
for
Flask-Security-Too
(pip)
May 17, 2021
Subdomain checking of whitelisted domains could allow unintended redirects in oauth2-proxy
Low
CVE-2021-21291
was published
for
github.com/oauth2-proxy/oauth2-proxy
(Go)
May 25, 2021
URL parsing in node-forge could lead to undesired behavior.
Low
GHSA-gf8q-jrpm-jvxq
was published
for
node-forge
(npm)
Jan 8, 2022
OIDC Logout redirect in keycloak
Low
CVE-2020-10734
was published
for
org.keycloak:keycloak-oidc-client-adapter-pom
(Maven)
Apr 28, 2022
undici before v5.8.0 vulnerable to uncleared cookies on cross-host / cross-origin redirect
Low
CVE-2022-31151
was published
for
undici
(npm)
Jul 21, 2022
Symfony vulnerable to open redirect via browser-sanitized URLs
Low
CVE-2024-50345
was published
for
symfony/http-foundation
(Composer)
Nov 6, 2024
@misskey-dev/summaly Redirect Filter Bypass
Low
CVE-2025-46553
was published
for
@misskey-dev/summaly
(npm)
May 5, 2025
Better Auth Open Redirect Vulnerability in originCheck Middleware Affects Multiple Routes
Low
CVE-2025-53535
was published
for
better-auth
(npm)
Jul 7, 2025
Koa Open Redirect via Referrer Header (User-Controlled)
Low
CVE-2025-8129
was published
for
koa
(npm)
Jul 29, 2025
reflex-dev/reflex has an Open Redirect vulnerability
Low
CVE-2025-62379
was published
for
reflex
(pip)
Oct 15, 2025
ProTip!
Advisories are also available from the
GraphQL API