Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,154
NuGet
736
pip
3,953
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,210 advisories

Loading
jqueryFileTree vulnerable to Directory Traversal High
CVE-2017-1000170 was published for jqueryfiletree (npm) May 13, 2022
Luracast Restler directory traversal vulnerability High
CVE-2017-15363 was published for aoe/restler (Composer) May 13, 2022
mixlib-archive Path Traversal vulnerability High
CVE-2017-1000026 was published for mixlib-archive (RubyGems) May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in JCraft JSch Moderate
CVE-2016-5725 was published for com.jcraft:jsch (Maven) May 13, 2022
spring-integration-zip Arbitrary File Write Moderate
CVE-2018-1263 was published for org.springframework.integration:spring-integration-zip (Maven) May 13, 2022
MarkLee131
Directory Traversal in Studio 42 elFinder Critical
CVE-2018-9110 was published for studio-42/elfinder (Composer) May 13, 2022
elFinder Path Traversal vulnerability Critical
CVE-2018-9109 was published for studio-42/elfinder (Composer) May 13, 2022
Smarty Path Traversal Vulnerability High
CVE-2018-13982 was published for smarty/smarty (Composer) May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in Spring Framework Moderate
CVE-2014-3625 was published for org.springframework:spring-webmvc (Maven) May 13, 2022
sunSUNQ
Path Traversal in Jenkins High
CVE-2018-1000194 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in Jenkins Moderate
CVE-2018-6356 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
sunSUNQ
Improper path handling in kustomization files allows path traversal Critical
CVE-2022-24877 was published for github.com/fluxcd/flux2 (Go) May 4, 2022
hiddeco kurt-r2c
Path Traversal in scout-browser Moderate
CVE-2022-1554 was published for scout-browser (pip) May 4, 2022
Path Traversal in com.alibaba.oneagent:one-java-agent-plugin Moderate
CVE-2022-25842 was published for com.alibaba.oneagent:one-java-agent-plugin (Maven) May 3, 2022
sinatra does not validate expanded path matches High
CVE-2022-29970 was published for sinatra (RubyGems) May 3, 2022
CuteSoft CuteEditor Path Traversal vulnerability Moderate
CVE-2009-4665 was published for CuteEditor (NuGet) May 2, 2022
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Apache Tomcat Moderate
CVE-2009-2902 was published for org.apache.tomcat:tomcat (Maven) May 2, 2022
MarkLee131 sunSUNQ
Apache Tomcat Directory Traversal vulnerability Moderate
CVE-2009-2693 was published for org.apache.tomcat:tomcat (Maven) May 2, 2022
MarkLee131 sunSUNQ
Django Admin Media Handler Vulnerable to Directory Traversal High
CVE-2009-2659 was published for Django (pip) May 2, 2022
Directory traversal in Mort Bay Jetty Moderate
CVE-2009-1523 was published for org.mortbay.jetty:jetty (Maven) May 2, 2022
joshbressers
Mercurial Directory traversal vulnerability Moderate
CVE-2008-2942 was published for mercurial (pip) May 1, 2022
Apache Tomcat Directory Traversal vulnerability Moderate
CVE-2008-2938 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022
MarkLee131
Apache Tomcat Path Traversal Vulnerability Moderate
CVE-2008-2370 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022
Alkacon OpenCMS Absolute Path Traversal via pathname in filePath.0 parameter Moderate
CVE-2008-1301 was published for org.opencms:opencms-core (Maven) May 1, 2022
MoinMoin Directory traversal vulnerability Moderate
CVE-2008-0782 was published for moin (pip) May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database