GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
62 advisories
Filter by severity
Directory traversal outside of SENDFILE_ROOT in django-sendfile2
Moderate
GHSA-6r3c-8xf3-ggrr
was published
for
django-sendfile2
(pip)
Jun 24, 2020
Remote Code Execution via traversal in TAL expressions
Moderate
GHSA-5pr9-v234-jw36
was published
for
Zope
(pip)
Jun 18, 2021
Path traversal in FreeTAKServer-UI
Moderate
CVE-2022-25511
was published
for
FreeTAKServer-UI
(pip)
Mar 12, 2022
Path Traversal in nemo-toolkit
Moderate
CVE-2022-22821
was published
for
nemo-toolkit
(pip)
Jan 11, 2022
Directory Traversal in pyftpdlib
Moderate
CVE-2007-6736
was published
for
pyftpdlib
(pip)
May 1, 2022
Directory traversal in pyftpdlib
Moderate
CVE-2008-7262
was published
for
pyftpdlib
(pip)
May 17, 2022
mat2 before 0.13.0 allows directory traversal during the ZIP archive cleaning process.
Moderate
CVE-2022-35410
was published
for
mat2
(pip)
Jul 12, 2022
Path traversal in Onionshare
Moderate
CVE-2022-21693
was published
for
onionshare-cli
(pip)
Jan 21, 2022
Streamlit directory traversal vulnerability
Moderate
CVE-2022-35918
was published
for
streamlit
(pip)
Aug 6, 2022
Path Traversal in scout-browser
Moderate
CVE-2022-1554
was published
for
scout-browser
(pip)
May 4, 2022
OpenStack Cinder, glance, and Nova vulnerable to Path Traversal
Moderate
CVE-2022-47951
was published
for
cinder
(pip)
Jan 27, 2023
tripleo-ansible may disclose important configuration details from an OpenStack deployment
Moderate
CVE-2022-3146
was published
for
tripleo-ansible
(pip)
Mar 23, 2023
tripleo-ansible may disclose important configuration details from an OpenStack deployment
Moderate
CVE-2022-3101
was published
for
tripleo-ansible
(pip)
Mar 23, 2023
pgAdmin 4 vulnerable to directory traversal
Moderate
CVE-2023-0241
was published
for
pgadmin4
(pip)
Mar 27, 2023
pgAdmin 4 Path Traversal vulnerability
Moderate
CVE-2022-0959
was published
for
pgadmin4
(pip)
Mar 17, 2022
S3Scanner allows Directory Traversal
Moderate
CVE-2021-32061
was published
for
s3scanner
(pip)
Nov 30, 2021
Mercurial Directory traversal vulnerability
Moderate
CVE-2008-2942
was published
for
mercurial
(pip)
May 1, 2022
Withdrawn Advisory: Pulp Improper Path Parsing
Moderate
CVE-2018-10917
was published
for
pulpcore
(pip)
May 13, 2022
•
withdrawn
Wagtail CRX CodeRed Extensions vulnerable to Path Traversal
Moderate
CVE-2021-46897
was published
for
coderedcms
(pip)
Oct 22, 2023
pretalx vulnerable to path traversal in HTML export
Moderate
CVE-2023-28459
was published
for
pretalx
(pip)
Apr 20, 2023
pretalx allows path traversal in HTML export
Moderate
CVE-2023-28458
was published
for
pretalx
(pip)
Apr 20, 2023
Ansible symlink attack vulnerability
Moderate
CVE-2023-5115
was published
for
ansible
(pip)
Dec 28, 2023
ProTip!
Advisories are also available from the
GraphQL API