Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

175 advisories

Loading
Directory traversal outside of SENDFILE_ROOT in django-sendfile2 Moderate
GHSA-6r3c-8xf3-ggrr was published for django-sendfile2 (pip) Jun 24, 2020
gipi moggers87
Path traversal in FreeTAKServer-UI Moderate
CVE-2022-25511 was published for FreeTAKServer-UI (pip) Mar 12, 2022
Tooxie Shiva 0.10.0 allows absolute path traversal because Flask send_file function used unsafely Critical
CVE-2022-31558 was published for shiva (pip) Jul 12, 2022
ChainerRL Visualizer 0.1.1 vulnerable to Path Traversal via unsafe use of send_file function Critical
CVE-2022-31573 was published for chainerrl-visualizer (pip) Jul 12, 2022
Path Traversal in nemo-toolkit Moderate
CVE-2022-22821 was published for nemo-toolkit (pip) Jan 11, 2022
Streamlit directory traversal vulnerability Moderate
CVE-2022-35918 was published for streamlit (pip) Aug 6, 2022
sanic vulnerable to Path Traversal when using `app.static` if using encoded `%2F` URLs High
CVE-2022-35920 was published for sanic (pip) Aug 6, 2022
Path Traversal in scout-browser Moderate
CVE-2022-1554 was published for scout-browser (pip) May 4, 2022
Pallets Werkzeug vulnerable to Path Traversal High
CVE-2019-14322 was published for werkzeug (pip) May 24, 2022
OpenStack Cinder, glance, and Nova vulnerable to Path Traversal Moderate
CVE-2022-47951 was published for cinder (pip) Jan 27, 2023
Path traversal in spotipy Moderate
CVE-2023-23608 was published for spotipy (pip) Jan 23, 2023
Shaderbug
tripleo-ansible may disclose important configuration details from an OpenStack deployment Moderate
CVE-2022-3146 was published for tripleo-ansible (pip) Mar 23, 2023
tripleo-ansible may disclose important configuration details from an OpenStack deployment Moderate
CVE-2022-3101 was published for tripleo-ansible (pip) Mar 23, 2023
pgAdmin 4 vulnerable to directory traversal Moderate
CVE-2023-0241 was published for pgadmin4 (pip) Mar 27, 2023
pgAdmin 4 Path Traversal vulnerability Moderate
CVE-2022-0959 was published for pgadmin4 (pip) Mar 17, 2022
Radicale is vulnerable to directory traversal on Windows Filesystem Storage Backend component Critical
CVE-2016-1505 was published for Radicale (pip) May 17, 2022
SatyaLab opendiamond 10.1.1 vulnerable to path traversal because Flask send_file function used unsafely Critical
CVE-2022-31506 was published for opendiamond (pip) Jul 12, 2022
Path traversal in binwalk High
CVE-2022-4510 was published for binwalk (pip) Jan 26, 2023
qkaiser
Mercurial Directory traversal vulnerability Moderate
CVE-2008-2942 was published for mercurial (pip) May 1, 2022
Withdrawn Advisory: Pulp Improper Path Parsing Moderate
CVE-2018-10917 was published for pulpcore (pip) May 13, 2022 withdrawn
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in hyper-bump-it Low
CVE-2023-41057 was published for hyper-bump-it (pip) Sep 4, 2023
plannigan
Duplicate Advisory: Starlette vulnerable to directory traversal High
GHSA-qj8w-rv5x-2v9h was published for starlette (pip) Jun 1, 2023 withdrawn
ethyca-fides Webserver API Path Traversal vulnerability High
CVE-2023-36827 was published for ethyca-fides (pip) Jul 6, 2023
daveqnet
sviehb/jefferson vulnerable to path traversal High
CVE-2022-4885 was published for jefferson (pip) Jan 11, 2023
Any file can be included with the pymdown-snippets extension High
CVE-2023-32309 was published for pymdown-extensions (pip) May 15, 2023
itlabbet tvalenta
ProTip! Advisories are also available from the GraphQL API