Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

41 advisories

Loading
pastebinit Path Traversal vulnerability Moderate
CVE-2018-25059 was published for github.com/jessfraz/pastebinit (Go) Dec 30, 2022
Echo vulnerable to directory traversal Moderate
CVE-2020-36565 was published for github.com/labstack/echo/v4 (Go) Dec 7, 2022
Duplicate Advisory: KubeVirt arbitrary host file read from the VM Moderate
CVE-2022-1798 was published for kubevirt.io/kubevirt (Go) Aug 18, 2022 withdrawn
0xdidu michaelkedar
Helm Path Traversal Moderate
CVE-2019-1000008 was published for helm.sh/helm (Go) May 14, 2022
Path traversal allows leaking out-of-bound files from Argo CD repo-server Moderate
CVE-2022-24731 was published for github.com/argoproj/argo-cd (Go) Mar 24, 2022
alexmt
Path Traversal in Gitea Moderate
CVE-2021-29134 was published for code.gitea.io/gitea (Go) Mar 16, 2022
Directory traversal in Kubernetes Secrets Store CSI Driver Moderate
CVE-2020-8568 was published for sigs.k8s.io/secrets-store-csi-driver (Go) Feb 15, 2022
Arbitrary File Write via Archive Extraction in mholt/archiver Moderate
CVE-2018-1002207 was published for github.com/mholt/archiver (Go) Feb 15, 2022
avivdolev
Directory Traversal in Kubernetes Moderate
CVE-2015-5305 was published for github.com/kubernetes/kubernetes (Go) Feb 15, 2022
Path Traversal in HashiCorp Nomad Moderate
CVE-2020-28348 was published for github.com/hashicorp/nomad (Go) Feb 15, 2022
avivdolev
Insufficiently restricted permissions on plugin directories Moderate
CVE-2021-41103 was published for github.com/containerd/containerd (Go) Oct 4, 2021
Improperly Implemented path matching for in-toto-golang Moderate
CVE-2021-41087 was published for github.com/in-toto/in-toto-golang (Go) Sep 22, 2021
pxp928
Path traversal in Grafana Loki Moderate
CVE-2021-36156 was published for github.com/grafana/loki (Go) Sep 2, 2021
simonswine
Path traversal in Grafana Cortex Moderate
CVE-2021-36157 was published for github.com/cortexproject/cortex (Go) Sep 2, 2021
Path Traversal in Docker Moderate
CVE-2014-9356 was published for github.com/docker/docker (Go) May 18, 2021
picatz neersighted
Path Traversal in MHolt Archiver Moderate
CVE-2019-10743 was published for github.com/mholt/archiver (Go) May 18, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database