GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
283 advisories
Path Traversal in com.alibaba.oneagent:one-java-agent-plugin
Moderate | CVE-2022-25842 was published for com.alibaba.oneagent:one-java-agent-plugin (Maven) | May 3, 2022

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Apache Tomcat
Moderate | CVE-2009-2902 was published for org.apache.tomcat:tomcat (Maven) | May 2, 2022

Apache Tomcat Directory Traversal vulnerability
Moderate | CVE-2009-2693 was published for org.apache.tomcat:tomcat (Maven) | May 2, 2022

Directory traversal in Mort Bay Jetty
Moderate | CVE-2009-1523 was published for org.mortbay.jetty:jetty (Maven) | May 2, 2022

Apache Tomcat Directory Traversal vulnerability
Moderate | CVE-2008-2938 was published for org.apache.tomcat:tomcat (Maven) | May 1, 2022

Apache Tomcat Path Traversal Vulnerability
Moderate | CVE-2008-2370 was published for org.apache.tomcat:tomcat (Maven) | May 1, 2022

Alkacon OpenCMS Absolute Path Traversal via pathname in filePath.0 parameter
Moderate | CVE-2008-1301 was published for org.opencms:opencms-core (Maven) | May 1, 2022

Mortbay Jetty Double Slash URI Information Disclosure Vulnerability
Moderate | CVE-2007-6672 was published for org.mortbay.jetty:jetty (Maven) | May 1, 2022

Apache Tomcat Path Traversal Vulnerability
Low | CVE-2007-5461 was published for org.apache.tomcat:tomcat (Maven) | May 1, 2022

Apache Tomcat Directory Traversal
Moderate | CVE-2007-0450 was published for org.apache.tomcat:tomcat (Maven) | May 1, 2022

Alkacon OpenCMS Absolute Path Traversal via pathname in filePath parameter
Moderate | CVE-2006-3934 was published for org.opencms:opencms-core (Maven) | May 1, 2022

Jetty Directory Traversal Vulnerability
Moderate | CVE-2006-2758 was published for org.mortbay.jetty:jetty (Maven) | May 1, 2022

Apache Tomcat Directory Traversal
Moderate | CVE-2000-1210 was published for org.apache.tomcat:tomcat (Maven) | Apr 30, 2022

Jakarta Tomcat Directory Listing vulnerability
Moderate | CVE-2003-0042 was published for org.apache.tomcat:tomcat (Maven) | Apr 29, 2022

Arbitrary filesystem write access from velocity.
High | CVE-2022-24897 was published for org.xwiki.commons:xwiki-commons-velocity (Maven) | Apr 28, 2022

Path traversal in the OWASP Enterprise Security API
High | CVE-2022-23457 was published for org.owasp.esapi:esapi (Maven) | Apr 27, 2022

Path traversal in Hadoop
Critical | CVE-2022-26612 was published for org.apache.hadoop:hadoop-common (Maven) | Apr 8, 2022

Path Traversal in Caucho Resin
High | CVE-2021-44138 was published for com.caucho:resin (Maven) | Apr 5, 2022

Arbitrary file read vulnerability in Jenkins Continuous Integration with Toad Edge Plugin
Moderate | CVE-2022-28146 was published for org.jenkins-ci.plugins:ci-with-toad-edge (Maven) | Mar 30, 2022

Path traversal in Jenkins Phoenix AutoTest Plugin
Moderate | CVE-2022-28156 was published for com.surenpi.jenkins:phoenix-autotest (Maven) | Mar 30, 2022

Path traversal vulnerability on Windows in Jenkins Continuous Integration with Toad Edge Plugin
Moderate | CVE-2022-28148 was published for org.jenkins-ci.plugins:ci-with-toad-edge (Maven) | Mar 30, 2022

Path traversal in Jenkins Pipeline Phoenix AutoTest Plugin
Moderate | CVE-2022-28157 was published for com.surenpi.jenkins:phoenix-autotest (Maven) | Mar 30, 2022

Path Traversal in Spring-integration-zip
Moderate | CVE-2021-22114 was published for org.springframework.integration:spring-integration-zip (Maven) | Mar 18, 2022

Arbitrary JSON and property file read vulnerability in Jenkins Extended Choice Parameter Plugin
Moderate | CVE-2022-27203 was published for org.jenkins-ci.plugins:extended-choice-parameter (Maven) | Mar 16, 2022

Arbitrary file read vulnerability in Jenkins kubernetes-cd Plugin
Moderate | CVE-2022-27208 was published for org.jenkins-ci.plugins:kubernetes-cd (Maven) | Mar 16, 2022

ProTip! Advisories are also available from the GraphQL API.