Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

345 advisories

Loading
Path Traversal in servey Moderate
GHSA-rv49-54qp-fw42 was published for servey (npm) Jun 6, 2019
Path Traversal in m-server Moderate
GHSA-vc6r-4x6g-mmqc was published for m-server (npm) Jun 11, 2019
Path Traversal in statics-server Moderate
GHSA-74cp-qw7f-7hpw was published for statics-server (npm) Jun 5, 2019
path traversal in Jooby Moderate
CVE-2020-7647 was published for io.jooby:jooby (Maven) May 13, 2020
Path Traversal in statics-server Moderate
CVE-2019-15596 was published for statics-server (npm) Mar 31, 2020
Arbitrary File Read in Snyk Broker Moderate
CVE-2020-7652 was published for snyk-broker (npm) Jun 3, 2020
Moderate severity vulnerability that affects com.sparkjava:spark-core Moderate
CVE-2018-9159 was published for com.sparkjava:spark-core (Maven) Oct 19, 2018
Directory Traversal in bitty Moderate
CVE-2016-10561 was published for bitty (npm) Feb 18, 2019
Moderate severity vulnerability that affects org.apache.karaf:apache-karaf and org.apache.karaf:karaf Moderate
CVE-2019-0191 was published for org.apache.karaf:apache-karaf (Maven) Mar 25, 2019
Moderate severity vulnerability that affects org.apache.tika:tika-core Moderate
CVE-2018-11762 was published for org.apache.tika:tika-core (Maven) Oct 17, 2018
Directory traversal in Apache RocketMQ Moderate
CVE-2019-17572 was published for org.apache.rocketmq:rocketmq-broker (Maven) Jul 1, 2020
Hidden Directories Always Served in inert Moderate
CVE-2014-10068 was published for inert (npm) Aug 31, 2020
Directory Traversal in featurebook Moderate
GHSA-7x92-2j68-h32c was published for featurebook (npm) Sep 1, 2020
Directory Traversal in restafary Moderate
CVE-2016-10528 was published for restafary (npm) Feb 18, 2019
Directory traversal outside of SENDFILE_ROOT in django-sendfile2 Moderate
GHSA-6r3c-8xf3-ggrr was published for django-sendfile2 (pip) Jun 24, 2020
gipi moggers87
Path Traversal in public Moderate
GHSA-4vvp-x9h2-x2vf was published for public (npm) Sep 3, 2020
Path Traversal within joomla/archive zip class Moderate
CVE-2021-26028 was published for joomla/archive (Composer) Mar 24, 2021
Remote Code Execution via traversal in TAL expressions Moderate
GHSA-5pr9-v234-jw36 was published for Zope (pip) Jun 18, 2021
Arbitrary File Write via Archive Extraction in mholt/archiver Moderate
CVE-2018-1002207 was published for github.com/mholt/archiver (Go) Feb 15, 2022
avivdolev
RustEmbed generated `get` method allows for directory traversal when reading files from disk Moderate
GHSA-cgw6-f3mj-h742 was published for rust-embed (Rust) Jun 17, 2022
The rack-cors rubygem may allow directory traveral Moderate
CVE-2019-18978 was published for rack-cors (RubyGems) Nov 15, 2019
Sinatra Path Traversal vulnerability Moderate
CVE-2018-7212 was published for sinatra (RubyGems) Feb 20, 2018
Path traversal in FreeTAKServer-UI Moderate
CVE-2022-25511 was published for FreeTAKServer-UI (pip) Mar 12, 2022
Path Traversal in Gitea Moderate
CVE-2021-29134 was published for code.gitea.io/gitea (Go) Mar 16, 2022
Path traversal in Jenkins Phoenix AutoTest Plugin Moderate
CVE-2022-28156 was published for com.surenpi.jenkins:phoenix-autotest (Maven) Mar 30, 2022
ProTip! Advisories are also available from the GraphQL API