Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,109
Maven
5,000+
npm
3,765
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
887
Swift
37
Unreviewed advisories
All unreviewed
5,000+

371 advisories

Loading
Path Traversal in MHolt Archiver Moderate
CVE-2019-10743 was published for github.com/mholt/archiver (Go) May 18, 2021
Path Traversal in droppy Moderate
CVE-2020-7757 was published for droppy (npm) May 10, 2021
Path Traversal and Improper Input Validation in Apache Commons IO Moderate
CVE-2021-29425 was published for com.cosium.vet:vet (Maven) Apr 26, 2021
wtwhite jensdietrich
Path Traversal in Ansible Moderate
CVE-2020-10691 was published for ansible (pip) Apr 20, 2021
tdunlap607
Directory traversal in development mode handler in Vaadin 14 and 15-17 Moderate
CVE-2020-36321 was published for com.vaadin:flow-server (Maven) Apr 19, 2021
Authenticated path traversal in Umbraco CMS Moderate
CVE-2020-5811 was published for UmbracoCms (NuGet) Apr 13, 2021
Path Traversal in jsreport-chrome-pdf Moderate
CVE-2020-7762 was published for jsreport-chrome-pdf (npm) Apr 13, 2021
Directory Traversal in Django Moderate
CVE-2021-28658 was published for Django (pip) Apr 8, 2021
Path Traversal in Ansible Moderate
CVE-2020-1735 was published for ansible (pip) Apr 7, 2021
jhampson-dbre
Path Traversal within joomla/archive zip class Moderate
CVE-2021-26028 was published for joomla/archive (Composer) Mar 24, 2021
Django Directory Traversal via archive.extract Moderate
CVE-2021-3281 was published for django (pip) Mar 18, 2021
File System Bounds Escape Moderate
CVE-2020-26299 was published for ftp-srv (npm) Feb 10, 2021
n-timofeev
Mautic users able to download any files from server using filemanager Moderate
CVE-2017-1000490 was published for mautic/core (Composer) Jan 19, 2021
MPXJ path Traversal vulnerability Moderate
CVE-2020-35460 was published for net.sf.mpxj:mpxj (Maven) Dec 18, 2020
Path Traversal in public Moderate
GHSA-4vvp-x9h2-x2vf was published for public (npm) Sep 3, 2020
Directory Traversal in featurebook Moderate
GHSA-7x92-2j68-h32c was published for featurebook (npm) Sep 1, 2020
Directory Traversal in dasafio Moderate
CVE-2017-16179 was published for dasafio (npm) Sep 1, 2020
Hidden Directories Always Served in inert Moderate
CVE-2014-10068 was published for inert (npm) Aug 31, 2020
Directory traversal in Apache RocketMQ Moderate
CVE-2019-17572 was published for org.apache.rocketmq:rocketmq-broker (Maven) Jul 1, 2020
Directory traversal outside of SENDFILE_ROOT in django-sendfile2 Moderate
GHSA-6r3c-8xf3-ggrr was published for django-sendfile2 (pip) Jun 24, 2020
gipi moggers87
Directory traversal attack in Spring Cloud Config Moderate
CVE-2020-5405 was published for org.springframework.cloud:spring-cloud-config-server (Maven) Jun 5, 2020
Arbitrary File Read in Snyk Broker Moderate
CVE-2020-7652 was published for snyk-broker (npm) Jun 3, 2020
Arbitrary File Read in Snyk Broker Moderate
CVE-2020-7648 was published for snyk-broker (npm) Jun 3, 2020
Arbitrary File Read in Snyk Broker Moderate
CVE-2020-7650 was published for snyk-broker (npm) Jun 3, 2020
Arbitrary File Read in Snyk Broker Moderate
CVE-2020-7651 was published for snyk-broker (npm) Jun 3, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database