GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
119 advisories
Filter by severity
Path traversal in Jenkins build-publisher Plugin
Moderate
CVE-2022-41231
was published
for
org.jenkins-ci.plugins:build-publisher
(Maven)
Sep 22, 2022
Jenkins WildFly Deployer Plugin vulnerable to path traversal
Moderate
CVE-2022-41235
was published
for
org.jenkins-ci.plugins:wildfly-deployer
(Maven)
Sep 22, 2022
Keycloak has Files or Directories Accessible to External Parties
Moderate
CVE-2021-3856
was published
for
org.keycloak:keycloak-core
(Maven)
Aug 27, 2022
Path Traversal in Gravitee API Management
Moderate
CVE-2019-25075
was published
for
io.gravitee.apim:gravitee-api-management
(Maven)
Aug 24, 2022
Venice vulnerable to Partial Path Traversal issue within the functions `load-file` and `load-resource`
Moderate
CVE-2022-36007
was published
for
com.github.jlangch:venice
(Maven)
Aug 18, 2022
Neo4j Graph apoc plugins Partial Path Traversal Vulnerability
Moderate
CVE-2022-37423
was published
for
org.neo4j.procedure:apoc
(Maven)
Aug 12, 2022
Jenkins Deployer Framework Plugin does not restrict application path of applications when configuring a deployment
Moderate
CVE-2022-36889
was published
for
org.jenkins-ci.plugins:deployer-framework
(Maven)
Jul 28, 2022
Jenkins Deployer Framework Plugin vulnerable to Path Traversal
Moderate
CVE-2022-36890
was published
for
org.jenkins-ci.plugins:deployer-framework
(Maven)
Jul 28, 2022
Path Traversal vulnerability in Jenkins Embeddable Build Status Plugin
Moderate
CVE-2022-34179
was published
for
org.jenkins-ci.plugins:embeddable-build-status
(Maven)
Jun 24, 2022
Path traversal vulnerability in Jenkins Subversion Plugin allows reading arbitrary files
Moderate
CVE-2021-21698
was published
for
org.jenkins-ci.plugins:subversion
(Maven)
May 24, 2022
Path traversal vulnerability on Windows in Jenkins
Moderate
CVE-2021-21683
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 24, 2022
Arbitrary file read vulnerability in Jenkins Persona Plugin
Moderate
CVE-2020-2293
was published
for
org.jenkins-ci.plugins:persona
(Maven)
May 24, 2022
Arbitrary file read vulnerability in Jenkins Storable Configs Plugin
Moderate
CVE-2020-2277
was published
for
org.jvnet.hudson.plugins:storable-configs-plugin
(Maven)
May 24, 2022
Arbitrary file write vulnerability in Jenkins Storable Configs Plugin
Moderate
CVE-2020-2278
was published
for
org.jvnet.hudson.plugins:storable-configs-plugin
(Maven)
May 24, 2022
Arbitrary file read vulnerability in Copy data to workspace Jenkins Plugin
Moderate
CVE-2020-2275
was published
for
org.jvnet.hudson.plugins:copy-data-to-workspace-plugin
(Maven)
May 24, 2022
Path traversal vulnerability in Blue Ocean Plugin
Moderate
CVE-2020-2254
was published
for
io.jenkins.blueocean:blueocean
(Maven)
May 24, 2022
Arbitrary file write vulnerability in Jenkins Cobertura Plugin
Moderate
CVE-2020-2139
was published
for
org.jenkins-ci.plugins:cobertura
(Maven)
May 24, 2022
Ignite Realtime Openfire directory traversal vulnerability
Moderate
CVE-2019-18393
was published
for
org.igniterealtime.openfire:parent
(Maven)
May 24, 2022
Improper Limitation of a Pathname to a Restricted Directory in Jenkins Google OAuth Credentials Plugin
Moderate
CVE-2019-10436
was published
for
org.jenkins-ci.plugins:google-oauth-plugin
(Maven)
May 24, 2022
Arbitrary file read vulnerability in Jenkins File System SCM Plugin
Moderate
CVE-2019-10375
was published
for
hudson.plugins.filesystem_scm:filesystem_scm
(Maven)
May 24, 2022
Improper Limitation of a Pathname to a Restricted Directory in Jenkins
Moderate
CVE-2019-10352
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 24, 2022
Apache Karaf vulnerable to relative path traversal
Moderate
CVE-2019-0226
was published
for
org.apache.karaf.config:org.apache.karaf.config.core
(Maven)
May 24, 2022
Apache Struts directory traversal vulnerability
Moderate
CVE-2008-6505
was published
for
org.apache.struts:struts2-core
(Maven)
May 17, 2022
Improper Limitation of a Pathname to a Restricted Directory in JBoss Undertow
Moderate
CVE-2014-7816
was published
for
io.undertow:undertow-core
(Maven)
May 17, 2022
Improper Limitation of a Pathname to a Restricted Directory in Elasticsearch
Moderate
CVE-2015-3337
was published
for
org.elasticsearch:elasticsearch
(Maven)
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API