Vulnerabilities > URL Redirection to Untrusted Site ('Open Redirect')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-21 | CVE-2022-40754 | Open Redirect vulnerability in Apache Airflow In Apache Airflow 2.3.0 through 2.3.4, there was an open redirect in the webserver's `/confirm` endpoint. | 6.1 |
| 2022-09-15 | CVE-2022-31735 | Open Redirect vulnerability in Osstech Openam OpenAM Consortium Edition version 14.0.0 provided by OpenAM Consortium contains an open redirect vulnerability (CWE-601). | 6.1 |
| 2022-09-13 | CVE-2022-39814 | Open Redirect vulnerability in Nokia 1350 Optical Management System 14.2 In NOKIA 1350 OMS R14.2, an Open Redirect vulnerability occurs is the login page via next HTTP GET parameter. | 6.1 |
| 2022-09-11 | CVE-2022-25295 | Open Redirect vulnerability in Getgophish Gophish This affects the package github.com/gophish/gophish before 0.12.0. | 5.4 |
| 2022-09-06 | CVE-2022-38131 | Open Redirect vulnerability in Rstudio Connect RStudio Connect prior to 2023.01.0 is affected by an Open Redirect issue. | 6.1 |
| 2022-08-30 | CVE-2021-29864 | Open Redirect vulnerability in IBM Security Identity Manager 6.0.0/6.0.2 IBM Security Identity Manager 6.0 and 6.0.2 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 6.1 |
| 2022-08-29 | CVE-2020-26938 | Open Redirect vulnerability in Oauth2-Server Project Oauth2-Server In oauth2-server (aka node-oauth2-server) through 3.1.1, the value of the redirect_uri parameter received during the authorization and token request is checked against an incorrect URI pattern ("[a-zA-Z][a-zA-Z0-9+.-]+:") before making a redirection. | 7.2 |
| 2022-08-29 | CVE-2022-27547 | Open Redirect vulnerability in Hcltech Domino and HCL Inotes HCL iNotes is susceptible to a link to non-existent domain vulnerability. | 7.4 |
| 2022-08-23 | CVE-2021-28861 | Open Redirect vulnerability in multiple products Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple (/) at the beginning of URI path which may leads to information disclosure. | 7.4 |
| 2022-08-16 | CVE-2022-25799 | Open Redirect vulnerability in Cert Vince 1.48.0/1.49.0 An open redirect vulnerability exists in CERT/CC VINCE software prior to 1.50.0. | 6.1 |