GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
844
Swift
36
Unreviewed advisories
All unreviewed
5,000+
358 advisories
Filter by severity
Path Traversal Vulnerability in `LESS` Parser allows reading of sensitive server files
Moderate
CVE-2023-27577
was published
for
flarum/core
(Composer)
Mar 13, 2023
Kubernetes vulnerable to path traversal
Moderate
CVE-2022-3162
was published
for
github.com/kubernetes/kubernetes
(Go)
Mar 1, 2023
Path traversal vulnerability in glance
Moderate
CVE-2022-25937
was published
for
glance
(npm)
Feb 13, 2023
StaticHandler disclosure of classpath resources on Windows when mounted on a wildcard route
Moderate
CVE-2023-24815
was published
for
io.vertx:vertx-web
(Maven)
Feb 10, 2023
Openshift Enterprise source-to-image vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip)
Moderate
CVE-2018-1103
was published
for
github.com/openshift/source-to-image
(Go)
Feb 6, 2023
Path Traversal In Eclipse GlassFish
Moderate
CVE-2022-2712
was published
for
org.glassfish.main.web:web
(Maven)
Jan 27, 2023
OpenStack Cinder, glance, and Nova vulnerable to Path Traversal
Moderate
CVE-2022-47951
was published
for
cinder
(pip)
Jan 27, 2023
Path Traversal in Jenkins visualexpert Plugin
Moderate
CVE-2023-24455
was published
for
io.jenkins.plugins:visualexpert
(Maven)
Jan 26, 2023
Path traversal vulnerability in Jenkins PWauth Security Realm Plugin
Moderate
CVE-2023-24449
was published
for
org.jvnet.hudson.plugins:pwauth
(Maven)
Jan 26, 2023
Path Traversal in github.com/go-sonic/sonic
Moderate
CVE-2022-46959
was published
for
github.com/go-sonic/sonic
(Go)
Jan 23, 2023
Velociraptor subject to Path Traversal
Moderate
CVE-2023-0290
was published
for
www.velocidex.com/golang/velociraptor
(Go)
Jan 19, 2023
SUKOHI Surpass Path Traversal vulnerability
Moderate
CVE-2015-10030
was published
for
sukohi/surpass
(Composer)
Jan 8, 2023
pastebinit Path Traversal vulnerability
Moderate
CVE-2018-25059
was published
for
github.com/jessfraz/pastebinit
(Go)
Dec 30, 2022
Tauri Filesystem Scope Glob Pattern is too Permissive
Moderate
CVE-2022-46171
was published
for
tauri
(Rust)
Dec 22, 2022
easywebpack-cli Path Traversal vulnerability
Moderate
CVE-2020-24855
was published
for
@easy-team/easywebpack-cli
(npm)
Dec 15, 2022
Echo vulnerable to directory traversal
Moderate
CVE-2020-36565
was published
for
github.com/labstack/echo/v4
(Go)
Dec 7, 2022
GuardDog vulnerable to arbitrary file write when scanning a specially-crafted remote PyPI package
Moderate
CVE-2022-23530
was published
for
guarddog
(pip)
Dec 5, 2022
hyper-staticfile's improper validation of Windows paths could lead to directory traversal attack
Moderate
GHSA-7p7c-pvvx-2vx3
was published
for
hyper-staticfile
(Rust)
Dec 5, 2022
GuardDog vulnerable to arbitrary file write when scanning a specially-crafted PyPI package
Moderate
CVE-2022-23531
was published
for
guarddog
(pip)
Dec 2, 2022
Apache DolphinScheduler vulnerable to Path Traversal
Moderate
CVE-2022-34662
was published
for
org.apache.dolphinscheduler:dolphinscheduler
(Maven)
Nov 1, 2022
Apache DolphinScheduler vulnerable to Path Traversal
Moderate
CVE-2022-26884
was published
for
org.apache.dolphinscheduler:dolphinscheduler
(Maven)
Oct 28, 2022
DNN vulnerable to Relative Path Traversal
Moderate
CVE-2022-2922
was published
for
DotNetNuke.Core
(NuGet)
Oct 1, 2022
Jenkins WildFly Deployer Plugin vulnerable to path traversal
Moderate
CVE-2022-41235
was published
for
org.jenkins-ci.plugins:wildfly-deployer
(Maven)
Sep 22, 2022
ProTip!
Advisories are also available from the
GraphQL API