Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

34 advisories

Loading
Redirect URL matching ignores character casing Moderate
CVE-2020-15234 was published for github.com/ory/fosite (Go) May 24, 2021
mitar Credited to mitar
Windows DNS Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-28328. Moderate Unreviewed
CVE-2021-28323 was published May 24, 2022
social-auth-app-django affected by Improper Handling of Case Sensitivity Moderate
CVE-2024-32879 was published for social-auth-app-django (pip) Apr 24, 2024
bradenmacdonald Credited to bradenmacdonald and nijel nijel nijel
Spring Framework DataBinder Case Sensitive Match Exception Moderate
CVE-2024-38820 was published for org.springframework:spring-context (Maven) Oct 18, 2024
jw123023 Credited to jw123023, levpachmanov, and joshbressers levpachmanov levpachmanov
joshbressers joshbressers
Spring LDAP data exposure vulnerability Moderate
CVE-2024-38829 was published for org.springframework.ldap:spring-ldap-core (Maven) Dec 4, 2024
Drupal core Access bypass Moderate
CVE-2024-55634 was published for drupal/core (Composer) Dec 10, 2024
Apache Camel: Camel Message Header Injection via Improper Filtering Moderate
CVE-2025-27636 was published for org.apache.camel:camel-support (Maven) Mar 9, 2025
daltonking90 Credited to daltonking90
Flask-CORS vulnerable to Improper Handling of Case Sensitivity Moderate
CVE-2024-6866 was published for flask-cors (pip) Mar 20, 2025
adrianosela Credited to adrianosela
elysia-cors Origin Validation Error Moderate
CVE-2025-50864 was published for @elysiajs/cors (npm) Aug 20, 2025
File Browser has an Authentication Bypass in User Password Update Moderate
CVE-2026-25889 was published for github.com/filebrowser/filebrowser/v2 (Go) Feb 10, 2026
dogadmin Credited to dogadmin and hacdias hacdias hacdias
ProTip! Advisories are also available from the GraphQL API