Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

359 advisories

Loading
pgAdmin 4 vulnerable to directory traversal Moderate
CVE-2023-0241 was published for pgadmin4 (pip) Mar 27, 2023
tripleo-ansible may disclose important configuration details from an OpenStack deployment Moderate
CVE-2022-3101 was published for tripleo-ansible (pip) Mar 23, 2023
tripleo-ansible may disclose important configuration details from an OpenStack deployment Moderate
CVE-2022-3146 was published for tripleo-ansible (pip) Mar 23, 2023
Path Traversal Vulnerability in `LESS` Parser allows reading of sensitive server files Moderate
CVE-2023-27577 was published for flarum/core (Composer) Mar 13, 2023
Kubernetes vulnerable to path traversal Moderate
CVE-2022-3162 was published for github.com/kubernetes/kubernetes (Go) Mar 1, 2023
Path traversal vulnerability in glance Moderate
CVE-2022-25937 was published for glance (npm) Feb 13, 2023
lirantal
StaticHandler disclosure of classpath resources on Windows when mounted on a wildcard route Moderate
CVE-2023-24815 was published for io.vertx:vertx-web (Maven) Feb 10, 2023
adrien-aubert-drovio
Openshift Enterprise source-to-image vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) Moderate
CVE-2018-1103 was published for github.com/openshift/source-to-image (Go) Feb 6, 2023
Path traversal in ubi-reader Moderate
CVE-2023-0591 was published for ubi-reader (pip) Jan 31, 2023
qkaiser
JSZip contains Path Traversal via loadAsync Moderate
CVE-2022-48285 was published for jszip (npm) Jan 29, 2023
Path Traversal In Eclipse GlassFish Moderate
CVE-2022-2712 was published for org.glassfish.main.web:web (Maven) Jan 27, 2023
OpenStack Cinder, glance, and Nova vulnerable to Path Traversal Moderate
CVE-2022-47951 was published for cinder (pip) Jan 27, 2023
Path traversal vulnerability in Jenkins PWauth Security Realm Plugin Moderate
CVE-2023-24449 was published for org.jvnet.hudson.plugins:pwauth (Maven) Jan 26, 2023
Path Traversal in Jenkins visualexpert Plugin Moderate
CVE-2023-24455 was published for io.jenkins.plugins:visualexpert (Maven) Jan 26, 2023
Path traversal in spotipy Moderate
CVE-2023-23608 was published for spotipy (pip) Jan 23, 2023
Shaderbug
Path Traversal in github.com/go-sonic/sonic Moderate
CVE-2022-46959 was published for github.com/go-sonic/sonic (Go) Jan 23, 2023
Velociraptor subject to Path Traversal Moderate
CVE-2023-0290 was published for www.velocidex.com/golang/velociraptor (Go) Jan 19, 2023
tdunlap607
SUKOHI Surpass Path Traversal vulnerability Moderate
CVE-2015-10030 was published for sukohi/surpass (Composer) Jan 8, 2023
pastebinit Path Traversal vulnerability Moderate
CVE-2018-25059 was published for github.com/jessfraz/pastebinit (Go) Dec 30, 2022
Tauri Filesystem Scope Glob Pattern is too Permissive Moderate
CVE-2022-46171 was published for tauri (Rust) Dec 22, 2022
OrIOg
UBI Reader vulnerable to Path Traversal Moderate
CVE-2022-4572 was published for ubi-reader (pip) Dec 17, 2022
easywebpack-cli Path Traversal vulnerability Moderate
CVE-2020-24855 was published for @easy-team/easywebpack-cli (npm) Dec 15, 2022
Echo vulnerable to directory traversal Moderate
CVE-2020-36565 was published for github.com/labstack/echo/v4 (Go) Dec 7, 2022
hyper-staticfile's improper validation of Windows paths could lead to directory traversal attack Moderate
GHSA-7p7c-pvvx-2vx3 was published for hyper-staticfile (Rust) Dec 5, 2022
tdunlap607
Apache DolphinScheduler vulnerable to Path Traversal Moderate
CVE-2022-34662 was published for org.apache.dolphinscheduler:dolphinscheduler (Maven) Nov 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database