GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

375 advisories

phpSysInfo allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) sequence Moderate
CVE-2006-3360 was published for phpsysinfo/phpsysinfo (Composer) May 1, 2022
Jetty Directory Traversal Vulnerability Moderate
CVE-2006-2758 was published for org.mortbay.jetty:jetty (Maven) May 1, 2022
Apache Tomcat Directory Traversal Moderate
CVE-2000-1210 was published for org.apache.tomcat:tomcat (Maven) Apr 30, 2022
Roundup Directory traversal vulnerability Moderate
CVE-2004-1444 was published for Roundup (pip) Apr 29, 2022
Jakarta Tomcat Directory Listing vulnerability Moderate
CVE-2003-0042 was published for org.apache.tomcat:tomcat (Maven) Apr 29, 2022
Path Traversal in Grunt Moderate
CVE-2022-0436 was published for grunt (npm) Apr 13, 2022
Arbitrary file read vulnerability in Jenkins Continuous Integration with Toad Edge Plugin Moderate
CVE-2022-28146 was published for org.jenkins-ci.plugins:ci-with-toad-edge (Maven) Mar 30, 2022
NotMyFault
Path traversal in Jenkins Phoenix AutoTest Plugin Moderate
CVE-2022-28156 was published for com.surenpi.jenkins:phoenix-autotest (Maven) Mar 30, 2022
Path traversal vulnerability on Windows in Jenkins Continuous Integration with Toad Edge Plugin Moderate
CVE-2022-28148 was published for org.jenkins-ci.plugins:ci-with-toad-edge (Maven) Mar 30, 2022
NotMyFault
Path traversal in Jenkins Pipeline Phoenix AutoTest Plugin Moderate
CVE-2022-28157 was published for com.surenpi.jenkins:phoenix-autotest (Maven) Mar 30, 2022
Path traversal allows leaking out-of-bound files from Argo CD repo-server Moderate
CVE-2022-24731 was published for github.com/argoproj/argo-cd (Go) Mar 24, 2022
alexmt
Path Traversal in Spring-integration-zip Moderate
CVE-2021-22114 was published for org.springframework.integration:spring-integration-zip (Maven) Mar 18, 2022
pgAdmin 4 Path Traversal vulnerability Moderate
CVE-2022-0959 was published for pgadmin4 (pip) Mar 17, 2022
Arbitrary JSON and property file read vulnerability in Jenkins Extended Choice Parameter Plugin Moderate
CVE-2022-27203 was published for org.jenkins-ci.plugins:extended-choice-parameter (Maven) Mar 16, 2022
NotMyFault
Arbitrary file read vulnerability in Jenkins kubernetes-cd Plugin Moderate
CVE-2022-27208 was published for org.jenkins-ci.plugins:kubernetes-cd (Maven) Mar 16, 2022
NotMyFault
Path Traversal in Gitea Moderate
CVE-2021-29134 was published for code.gitea.io/gitea (Go) Mar 16, 2022
Path traversal in FreeTAKServer-UI Moderate
CVE-2022-25511 was published for FreeTAKServer-UI (pip) Mar 12, 2022
Path traversal in pimcore Moderate
CVE-2022-0665 was published for pimcore/pimcore (Composer) Feb 23, 2022
Path Traversal in LemMinX Moderate
CVE-2022-0673 was published for org.eclipse.lemminx:lemminx-parent (Maven) Feb 19, 2022
Improper Limitation of a Pathname to a Restricted Directory in Jenkins Pipeline: Shared Groovy Libraries Plugin Moderate
CVE-2022-25178 was published for org.jenkins-ci.plugins.workflow:workflow-cps-global-lib (Maven) Feb 16, 2022
westonsteimel
Path traversal vulnerability in Jenkins Fortify Plugin Moderate
CVE-2022-25188 was published for org.jenkins-ci.plugins:fortify (Maven) Feb 16, 2022
NotMyFault
Directory traversal in Kubernetes Secrets Store CSI Driver Moderate
CVE-2020-8568 was published for sigs.k8s.io/secrets-store-csi-driver (Go) Feb 15, 2022
Arbitrary File Write via Archive Extraction in mholt/archiver Moderate
CVE-2018-1002207 was published for github.com/mholt/archiver (Go) Feb 15, 2022
avivdolev
Directory Traversal in Kubernetes Moderate
CVE-2015-5305 was published for github.com/kubernetes/kubernetes (Go) Feb 15, 2022
Path Traversal in HashiCorp Nomad Moderate
CVE-2020-28348 was published for github.com/hashicorp/nomad (Go) Feb 15, 2022
avivdolev