GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
363 advisories
Filter by severity
Path Traversal in m-server
Moderate
GHSA-vc6r-4x6g-mmqc
was published
for
m-server
(npm)
Jun 11, 2019
Path Traversal in statics-server
Moderate
GHSA-74cp-qw7f-7hpw
was published
for
statics-server
(npm)
Jun 5, 2019
path traversal in Jooby
Moderate
CVE-2020-7647
was published
for
io.jooby:jooby
(Maven)
May 13, 2020
Path Traversal in statics-server
Moderate
CVE-2019-15596
was published
for
statics-server
(npm)
Mar 31, 2020
Arbitrary File Read in Snyk Broker
Moderate
CVE-2020-7652
was published
for
snyk-broker
(npm)
Jun 3, 2020
Moderate severity vulnerability that affects com.sparkjava:spark-core
Moderate
CVE-2018-9159
was published
for
com.sparkjava:spark-core
(Maven)
Oct 19, 2018
Moderate severity vulnerability that affects org.apache.karaf:apache-karaf and org.apache.karaf:karaf
Moderate
CVE-2019-0191
was published
for
org.apache.karaf:apache-karaf
(Maven)
Mar 25, 2019
Moderate severity vulnerability that affects org.apache.tika:tika-core
Moderate
CVE-2018-11762
was published
for
org.apache.tika:tika-core
(Maven)
Oct 17, 2018
Directory traversal in Apache RocketMQ
Moderate
CVE-2019-17572
was published
for
org.apache.rocketmq:rocketmq-broker
(Maven)
Jul 1, 2020
Hidden Directories Always Served in inert
Moderate
CVE-2014-10068
was published
for
inert
(npm)
Aug 31, 2020
Directory Traversal in featurebook
Moderate
GHSA-7x92-2j68-h32c
was published
for
featurebook
(npm)
Sep 1, 2020
Directory Traversal in restafary
Moderate
CVE-2016-10528
was published
for
restafary
(npm)
Feb 18, 2019
Directory traversal outside of SENDFILE_ROOT in django-sendfile2
Moderate
GHSA-6r3c-8xf3-ggrr
was published
for
django-sendfile2
(pip)
Jun 24, 2020
Path Traversal within joomla/archive zip class
Moderate
CVE-2021-26028
was published
for
joomla/archive
(Composer)
Mar 24, 2021
Arbitrary File Write via Archive Extraction in mholt/archiver
Moderate
CVE-2018-1002207
was published
for
github.com/mholt/archiver
(Go)
Feb 15, 2022
RustEmbed generated `get` method allows for directory traversal when reading files from disk
Moderate
GHSA-cgw6-f3mj-h742
was published
for
rust-embed
(Rust)
Jun 17, 2022
The rack-cors rubygem may allow directory traveral
Moderate
CVE-2019-18978
was published
for
rack-cors
(RubyGems)
Nov 15, 2019
Sinatra Path Traversal vulnerability
Moderate
CVE-2018-7212
was published
for
sinatra
(RubyGems)
Feb 20, 2018
Path traversal in FreeTAKServer-UI
Moderate
CVE-2022-25511
was published
for
FreeTAKServer-UI
(pip)
Mar 12, 2022
Path Traversal in Gitea
Moderate
CVE-2021-29134
was published
for
code.gitea.io/gitea
(Go)
Mar 16, 2022
Path traversal in Jenkins Phoenix AutoTest Plugin
Moderate
CVE-2022-28156
was published
for
com.surenpi.jenkins:phoenix-autotest
(Maven)
Mar 30, 2022
Improper Limitation of a Pathname to a Restricted Directory in zt-zip
Moderate
CVE-2018-1002201
was published
for
org.zeroturnaround:zt-zip
(Maven)
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API