GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
283 advisories
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat
Moderate | CVE-2015-5345 was published for org.apache.tomcat:tomcat (Maven) on May 14, 2022

Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat
Moderate | CVE-2015-5174 was published for org.apache.tomcat:tomcat (Maven) on May 14, 2022

Improper Limitation of a Pathname to a Restricted Directory in WildFly
Moderate | CVE-2018-10862 was published for org.wildfly.core:wildfly-server (Maven) on May 14, 2022

Path Traversal in Jenkins
Moderate | CVE-2018-1000406 was published for org.jenkins-ci.main:jenkins-core (Maven) on May 14, 2022

Improper Limitation of a Pathname to a Restricted Directory in Jenkins
Moderate | CVE-2018-1000997 was published for org.jenkins-ci.main:jenkins-core (Maven) on May 14, 2022

Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat
High | CVE-2017-7675 was published for org.apache.tomcat:tomcat (Maven) on May 14, 2022

Improper Limitation of a Pathname to a Restricted Directory in Spring Framework
Moderate | CVE-2014-3578 was published for org.springframework:spring-core (Maven) on May 14, 2022

Path Traversal in Apache Struts
Critical | CVE-2016-6795 was published for org.apache.struts:struts2-convention-plugin (Maven) on May 14, 2022

Improper Limitation of a Pathname to a Restricted Directory in Jenkins
High | CVE-2018-1000863 was published for org.jenkins-ci.main:jenkins-core (Maven) on May 13, 2022

Asset Pipeline Grails Plugin vulnerable to Path Traversal
High | CVE-2018-1000817 was published for org.grails.plugins:asset-pipeline (Maven) on May 13, 2022

Path Traversal in io.hawt:project
High | CVE-2017-2594 was published for io.hawt:project (Maven) on May 13, 2022

Improper Limitation of a Pathname to a Restricted Directory in Zip4j
Moderate | CVE-2018-1002202 was published for net.lingala.zip4j:zip4j (Maven) on May 13, 2022

Improper Limitation of a Pathname to a Restricted Directory in plexus-archiver
Moderate | CVE-2018-1002200 was published for org.codehaus.plexus:plexus-archiver (Maven) on May 13, 2022

Jenkins Image Gallery Plugin allows Path Traversal
Moderate | CVE-2016-4987 was published for com.tupilabs.image_gallery:image-gallery (Maven) on May 13, 2022

Jenkins TAP Plugin allows Path Traversal
High | CVE-2016-4986 was published for org.tap4j:tap (Maven) on May 13, 2022

Improper Limitation of a Pathname to a Restricted Directory in zt-zip
Moderate | CVE-2018-1002201 was published for org.zeroturnaround:zt-zip (Maven) on May 13, 2022

Play Framework's Assets controller vulnerable to directory traversal
High | CVE-2018-13864 was published for com.typesafe.play:play_2.12 (Maven) on May 13, 2022

Jenkins has Local File Inclusion Vulnerability
Moderate | CVE-2015-5322 was published for org.jenkins-ci.main:jenkins-core (Maven) on May 13, 2022

Apache MyFaces Vulnerable to Path Traversal
Moderate | CVE-2011-4367 was published for org.apache.myfaces.core:myfaces-impl (Maven) on May 13, 2022

Improper Limitation of a Pathname to a Restricted Directory in Jboss EAP Undertow
High | CVE-2018-1048 was published for org.jboss.eap:wildfly-undertow (Maven) on May 13, 2022

Improper Limitation of a Pathname to a Restricted Directory in JCraft JSch
Moderate | CVE-2016-5725 was published for com.jcraft:jsch (Maven) on May 13, 2022

spring-integration-zip Arbitrary File Write
Moderate | CVE-2018-1263 was published for org.springframework.integration:spring-integration-zip (Maven) on May 13, 2022

Improper Limitation of a Pathname to a Restricted Directory in Spring Framework
Moderate | CVE-2014-3625 was published for org.springframework:spring-webmvc (Maven) on May 13, 2022

Path Traversal in Jenkins
High | CVE-2018-1000194 was published for org.jenkins-ci.main:jenkins-core (Maven) on May 13, 2022

Improper Limitation of a Pathname to a Restricted Directory in Jenkins
Moderate | CVE-2018-6356 was published for org.jenkins-ci.main:jenkins-core (Maven) on May 13, 2022
ProTip! Advisories are also available from the GraphQL API.