GHSA-w832-gg5g-x44m: Open redirect endpoint in Datasette

November 6, 2025

Deployed instances of Datasette prior to 0.65.2 and 1.0a21 include an open redirect vulnerability.

Hits to the path //example.com/foo/bar/ (the trailing slash is required) will redirect the user to https://example.com/foo/bar.

References

github.com/advisories/GHSA-w832-gg5g-x44m
github.com/simonw/datasette
github.com/simonw/datasette/commit/f257ca6edb64848c3b04b54d41e347c54fe57c05
github.com/simonw/datasette/issues/2429
github.com/simonw/datasette/security/advisories/GHSA-w832-gg5g-x44m

Code Behaviors & Features

Detect and mitigate GHSA-w832-gg5g-x44m with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →