GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
175 advisories
Filter by severity
Directory traversal outside of SENDFILE_ROOT in django-sendfile2
Moderate
GHSA-6r3c-8xf3-ggrr
was published
for
django-sendfile2
(pip)
Jun 24, 2020
Path traversal in FreeTAKServer-UI
Moderate
CVE-2022-25511
was published
for
FreeTAKServer-UI
(pip)
Mar 12, 2022
Tooxie Shiva 0.10.0 allows absolute path traversal because Flask send_file function used unsafely
Critical
CVE-2022-31558
was published
for
shiva
(pip)
Jul 12, 2022
ChainerRL Visualizer 0.1.1 vulnerable to Path Traversal via unsafe use of send_file function
Critical
CVE-2022-31573
was published
for
chainerrl-visualizer
(pip)
Jul 12, 2022
Path Traversal in nemo-toolkit
Moderate
CVE-2022-22821
was published
for
nemo-toolkit
(pip)
Jan 11, 2022
Streamlit directory traversal vulnerability
Moderate
CVE-2022-35918
was published
for
streamlit
(pip)
Aug 6, 2022
sanic vulnerable to Path Traversal when using `app.static` if using encoded `%2F` URLs
High
CVE-2022-35920
was published
for
sanic
(pip)
Aug 6, 2022
Path Traversal in scout-browser
Moderate
CVE-2022-1554
was published
for
scout-browser
(pip)
May 4, 2022
Pallets Werkzeug vulnerable to Path Traversal
High
CVE-2019-14322
was published
for
werkzeug
(pip)
May 24, 2022
OpenStack Cinder, glance, and Nova vulnerable to Path Traversal
Moderate
CVE-2022-47951
was published
for
cinder
(pip)
Jan 27, 2023
tripleo-ansible may disclose important configuration details from an OpenStack deployment
Moderate
CVE-2022-3146
was published
for
tripleo-ansible
(pip)
Mar 23, 2023
tripleo-ansible may disclose important configuration details from an OpenStack deployment
Moderate
CVE-2022-3101
was published
for
tripleo-ansible
(pip)
Mar 23, 2023
pgAdmin 4 vulnerable to directory traversal
Moderate
CVE-2023-0241
was published
for
pgadmin4
(pip)
Mar 27, 2023
pgAdmin 4 Path Traversal vulnerability
Moderate
CVE-2022-0959
was published
for
pgadmin4
(pip)
Mar 17, 2022
Radicale is vulnerable to directory traversal on Windows Filesystem Storage Backend component
Critical
CVE-2016-1505
was published
for
Radicale
(pip)
May 17, 2022
SatyaLab opendiamond 10.1.1 vulnerable to path traversal because Flask send_file function used unsafely
Critical
CVE-2022-31506
was published
for
opendiamond
(pip)
Jul 12, 2022
Mercurial Directory traversal vulnerability
Moderate
CVE-2008-2942
was published
for
mercurial
(pip)
May 1, 2022
Withdrawn Advisory: Pulp Improper Path Parsing
Moderate
CVE-2018-10917
was published
for
pulpcore
(pip)
May 13, 2022
•
withdrawn
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in hyper-bump-it
Low
CVE-2023-41057
was published
for
hyper-bump-it
(pip)
Sep 4, 2023
Duplicate Advisory: Starlette vulnerable to directory traversal
High
GHSA-qj8w-rv5x-2v9h
was published
for
starlette
(pip)
Jun 1, 2023
•
withdrawn
ethyca-fides Webserver API Path Traversal vulnerability
High
CVE-2023-36827
was published
for
ethyca-fides
(pip)
Jul 6, 2023
sviehb/jefferson vulnerable to path traversal
High
CVE-2022-4885
was published
for
jefferson
(pip)
Jan 11, 2023
Any file can be included with the pymdown-snippets extension
High
CVE-2023-32309
was published
for
pymdown-extensions
(pip)
May 15, 2023
ProTip!
Advisories are also available from the
GraphQL API