GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
5,154 advisories
Hostname spoofing via backslashes in URL
Moderate
CVE-2020-26291
was published
for
urijs
(npm)
Dec 30, 2020
Path Traversal and Improper Input Validation in Apache Commons IO
Moderate
CVE-2021-29425
was published
for
com.cosium.vet:vet
(Maven)
Apr 26, 2021
Improper Input Validation in sanitize-html
Moderate
CVE-2021-26539
was published
for
sanitize-html
(npm)
May 6, 2021
Redirect URL matching ignores character casing
Moderate
CVE-2020-15234
was published
for
github.com/ory/fosite
(Go)
May 24, 2021
OAuth2 Redirect URL validity does not respect query parameters and character casing for loopback addresses
Moderate
CVE-2020-15233
was published
for
github.com/ory/fosite
(Go)
May 24, 2021
Action Commands (run/shell/exec) Against Library URIs Ignore Configured Remote Endpoint
Moderate
CVE-2021-32635
was published
for
github.com/sylabs/singularity
(Go)
Jun 1, 2021
Form validation can be skipped
Moderate
CVE-2021-32697
was published
for
neos/form
(Composer)
Jun 22, 2021
ProTip!
Advisories are also available from the
GraphQL API