Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

428 advisories

Loading
Directory Traversal in Kubernetes Moderate
CVE-2015-5305 was published for github.com/kubernetes/kubernetes (Go) Feb 15, 2022
Arbitrary File Write via Archive Extraction in mholt/archiver Moderate
CVE-2018-1002207 was published for github.com/mholt/archiver (Go) Feb 15, 2022
avivdolev
Mercurial Path Traversal/Link Following vulnerability Moderate
CVE-2019-3902 was published for mercurial (pip) Feb 15, 2022
Path Traversal in S-Cart Moderate
CVE-2021-44111 was published for s-cart/s-cart (Composer) Feb 12, 2022
Path traversal in xwiki-platform-skin-skinx Moderate
CVE-2022-23620 was published for org.xwiki.platform:xwiki-platform-skin-skinx (Maven) Feb 9, 2022
Path Traversal in Apache James Server Moderate
CVE-2022-22931 was published for org.apache.james:james-server (Maven) Feb 8, 2022
Path Traversal in SharpZipLib Moderate
CVE-2021-32842 was published for SharpZipLib (NuGet) Feb 1, 2022
Path Traversal in SharpZipLib Moderate
CVE-2021-32841 was published for SharpZipLib (NuGet) Feb 1, 2022
Path Traversal in the Logs plugin for Craft CMS Moderate
CVE-2022-23409 was published for ether/logs (Composer) Feb 1, 2022
Path traversal in Apache Karaf Moderate
CVE-2022-22932 was published for org.apache.karaf:apache-karaf (Maven) Jan 28, 2022
Path traversal in Onionshare Moderate
CVE-2022-21693 was published for onionshare-cli (pip) Jan 21, 2022
Path traversal vulnerability in Jenkins Publish Over SSH Plugin Moderate
CVE-2022-23113 was published for org.jenkins-ci.plugins:publish-over-ssh (Maven) Jan 13, 2022
NotMyFault
Directory-traversal in Django Moderate
CVE-2021-45452 was published for Django (pip) Jan 12, 2022
tdunlap607
Path Traversal in nemo-toolkit Moderate
CVE-2022-22821 was published for nemo-toolkit (pip) Jan 11, 2022
Path traversal when MessageBus::Diagnostics is enabled Moderate
CVE-2021-43840 was published for message_bus (RubyGems) Dec 17, 2021
S3Scanner allows Directory Traversal Moderate
CVE-2021-32061 was published for s3scanner (pip) Nov 30, 2021
NodeBB vulnerable to path traversal in translator module Moderate
CVE-2021-43788 was published for nodebb (npm) Nov 30, 2021
paul-gerste-sonarsource
Client metadata path-traversal Moderate
CVE-2021-41131 was published for tuf (pip) Oct 19, 2021
jku
Path Traversal in @backstage/plugin-scaffolder-backend Moderate
CVE-2021-41151 was published for @backstage/plugin-scaffolder-backend (npm) Oct 19, 2021
Insufficiently restricted permissions on plugin directories Moderate
CVE-2021-41103 was published for github.com/containerd/containerd (Go) Oct 4, 2021
Improperly Implemented path matching for in-toto-golang Moderate
CVE-2021-41087 was published for github.com/in-toto/in-toto-golang (Go) Sep 22, 2021
pxp928
Path Traversal in serve-here.js Moderate
CVE-2019-5444 was published for serve-here.js (npm) Sep 22, 2021
Partial path traversal in sharpcompress Moderate
CVE-2021-39208 was published for sharpcompress (NuGet) Sep 20, 2021
JarLob geoffodonnell
Path traversal in Grafana Loki Moderate
CVE-2021-36156 was published for github.com/grafana/loki (Go) Sep 2, 2021
simonswine
Directory Traversal in isomorphic-git Moderate
CVE-2021-30483 was published for isomorphic-git (npm) Sep 2, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database