GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

154 advisories

Path Traversal in openapi-python-client Low
CVE-2020-15141 was published for openapi-python-client (pip) Aug 20, 2020
pawamoy emann
Directory traversal outside of SENDFILE_ROOT in django-sendfile2 Moderate
GHSA-6r3c-8xf3-ggrr was published for django-sendfile2 (pip) Jun 24, 2020
gipi moggers87
Remote Code Execution via traversal in TAL expressions High
GHSA-rpcg-f9q6-2mq6 was published for Zope (pip) Jun 8, 2021
Remote Code Execution via traversal in TAL expressions Moderate
GHSA-5pr9-v234-jw36 was published for Zope (pip) Jun 18, 2021
Path traversal in FreeTAKServer-UI Moderate
CVE-2022-25511 was published for FreeTAKServer-UI (pip) Mar 12, 2022
Path Traversal in pip High
CVE-2019-20916 was published for pip (pip) Jun 9, 2021
Tooxie Shiva 0.10.0 allows absolute path traversal because Flask send_file function used unsafely Critical
CVE-2022-31558 was published for shiva (pip) Jul 12, 2022
ChainerRL Visualizer 0.1.1 vulnerable to Path Traversal via unsafe use of send_file function Critical
CVE-2022-31573 was published for chainerrl-visualizer (pip) Jul 12, 2022
Path Traversal in nemo-toolkit Moderate
CVE-2022-22821 was published for nemo-toolkit (pip) Jan 11, 2022
Directory Traversal in pyftpdlib Moderate
CVE-2007-6736 was published for pyftpdlib (pip) May 1, 2022
Directory traversal in pyftpdlib Moderate
CVE-2008-7262 was published for pyftpdlib (pip) May 17, 2022
mat2 before 0.13.0 allows directory traversal during the ZIP archive cleaning process. Moderate
CVE-2022-35410 was published for mat2 (pip) Jul 12, 2022
Path traversal in Onionshare Moderate
CVE-2022-21693 was published for onionshare-cli (pip) Jan 21, 2022
UBI Reader vulnerable to Path Traversal High
CVE-2022-4572 was published for ubi-reader (pip) Dec 17, 2022
Streamlit directory traversal vulnerability Moderate
CVE-2022-35918 was published for streamlit (pip) Aug 6, 2022
sanic vulnerable to Path Traversal when using `app.static` if using encoded `%2F` URLs High
CVE-2022-35920 was published for sanic (pip) Aug 6, 2022
Path Traversal in scout-browser Moderate
CVE-2022-1554 was published for scout-browser (pip) May 4, 2022
rdiffweb Path Traversal vulnerability High
CVE-2022-3389 was published for rdiffweb (pip) Oct 6, 2022
Path Traversal in Zope High
CVE-2021-32633 was published for Zope (pip) Jun 15, 2021
Path Traversal in Zope High
CVE-2021-32674 was published for Zope (pip) Jun 10, 2021
Client metadata path-traversal High
CVE-2021-41131 was published for tuf (pip) Oct 19, 2021
jku
Maliciously Crafted Model Archive Can Lead To Arbitrary File Write High
CVE-2021-41127 was published for rasa (pip) Oct 22, 2021
Path traversal in Matrix Synapse High
CVE-2021-41281 was published for matrix-synapse (pip) Nov 23, 2021
Pallets Werkzeug vulnerable to Path Traversal High
CVE-2019-14322 was published for werkzeug (pip) May 24, 2022