Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

358 advisories

Loading
Path Traversal in LemMinX Moderate
CVE-2022-0673 was published for org.eclipse.lemminx:lemminx-parent (Maven) Feb 19, 2022
Improper Limitation of a Pathname to a Restricted Directory in Jenkins Pipeline: Shared Groovy Libraries Plugin Moderate
CVE-2022-25178 was published for org.jenkins-ci.plugins.workflow:workflow-cps-global-lib (Maven) Feb 16, 2022
westonsteimel
Path traversal vulnerability in Jenkins Fortify Plugin Moderate
CVE-2022-25188 was published for org.jenkins-ci.plugins:fortify (Maven) Feb 16, 2022
NotMyFault
Directory traversal in Kubernetes Secrets Store CSI Driver Moderate
CVE-2020-8568 was published for sigs.k8s.io/secrets-store-csi-driver (Go) Feb 15, 2022
Path Traversal in HashiCorp Nomad Moderate
CVE-2020-28348 was published for github.com/hashicorp/nomad (Go) Feb 15, 2022
avivdolev
Directory Traversal in Kubernetes Moderate
CVE-2015-5305 was published for github.com/kubernetes/kubernetes (Go) Feb 15, 2022
Arbitrary File Write via Archive Extraction in mholt/archiver Moderate
CVE-2018-1002207 was published for github.com/mholt/archiver (Go) Feb 15, 2022
avivdolev
Mercurial Path Traversal/Link Following vulnerability Moderate
CVE-2019-3902 was published for mercurial (pip) Feb 15, 2022
Path Traversal in S-Cart Moderate
CVE-2021-44111 was published for s-cart/s-cart (Composer) Feb 12, 2022
Path traversal in xwiki-platform-skin-skinx Moderate
CVE-2022-23620 was published for org.xwiki.platform:xwiki-platform-skin-skinx (Maven) Feb 9, 2022
Path Traversal in Apache James Server Moderate
CVE-2022-22931 was published for org.apache.james:james-server (Maven) Feb 8, 2022
Path Traversal in SharpZipLib Moderate
CVE-2021-32842 was published for SharpZipLib (NuGet) Feb 1, 2022
Path Traversal in SharpZipLib Moderate
CVE-2021-32841 was published for SharpZipLib (NuGet) Feb 1, 2022
Path Traversal in the Logs plugin for Craft CMS Moderate
CVE-2022-23409 was published for ether/logs (Composer) Feb 1, 2022
Path traversal in Apache Karaf Moderate
CVE-2022-22932 was published for org.apache.karaf:apache-karaf (Maven) Jan 28, 2022
Path traversal in Onionshare Moderate
CVE-2022-21693 was published for onionshare-cli (pip) Jan 21, 2022
Path traversal vulnerability in Jenkins Publish Over SSH Plugin Moderate
CVE-2022-23113 was published for org.jenkins-ci.plugins:publish-over-ssh (Maven) Jan 13, 2022
NotMyFault
Directory-traversal in Django Moderate
CVE-2021-45452 was published for Django (pip) Jan 12, 2022
tdunlap607
Path Traversal in nemo-toolkit Moderate
CVE-2022-22821 was published for nemo-toolkit (pip) Jan 11, 2022
Path traversal when MessageBus::Diagnostics is enabled Moderate
CVE-2021-43840 was published for message_bus (RubyGems) Dec 17, 2021
S3Scanner allows Directory Traversal Moderate
CVE-2021-32061 was published for s3scanner (pip) Nov 30, 2021
NodeBB vulnerable to path traversal in translator module Moderate
CVE-2021-43788 was published for nodebb (npm) Nov 30, 2021
paul-gerste-sonarsource
Path Traversal in @backstage/plugin-scaffolder-backend Moderate
CVE-2021-41151 was published for @backstage/plugin-scaffolder-backend (npm) Oct 19, 2021
Insufficiently restricted permissions on plugin directories Moderate
CVE-2021-41103 was published for github.com/containerd/containerd (Go) Oct 4, 2021
Improperly Implemented path matching for in-toto-golang Moderate
CVE-2021-41087 was published for github.com/in-toto/in-toto-golang (Go) Sep 22, 2021
pxp928
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database