Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

356 advisories

Loading
Path traversal in Grafana Loki Moderate
CVE-2021-36156 was published for github.com/grafana/loki (Go) Sep 2, 2021
simonswine
Directory Traversal in isomorphic-git Moderate
CVE-2021-30483 was published for isomorphic-git (npm) Sep 2, 2021
Path traversal in Grafana Cortex Moderate
CVE-2021-36157 was published for github.com/cortexproject/cortex (Go) Sep 2, 2021
Path Traversal in bikshed Moderate
CVE-2021-23423 was published for bikeshed (pip) Aug 30, 2021
Remote Code Execution via traversal in TAL expressions Moderate
GHSA-5pr9-v234-jw36 was published for Zope (pip) Jun 18, 2021
Path Traversal in Django Moderate
CVE-2021-33203 was published for Django (pip) Jun 10, 2021
Path traversal Moderate
CVE-2021-32662 was published for @backstage/techdocs-common (npm) Jun 4, 2021
StaticFile.fromUrl can leak presence of a directory Moderate
CVE-2021-32643 was published for org.http4s:http4s-core (Maven) May 28, 2021
Path Traversal in Docker Moderate
CVE-2014-9356 was published for github.com/docker/docker (Go) May 18, 2021
picatz neersighted
Path Traversal in MHolt Archiver Moderate
CVE-2019-10743 was published for github.com/mholt/archiver (Go) May 18, 2021
Path Traversal in droppy Moderate
CVE-2020-7757 was published for droppy (npm) May 10, 2021
Path Traversal and Improper Input Validation in Apache Commons IO Moderate
CVE-2021-29425 was published for com.cosium.vet:vet (Maven) Apr 26, 2021
wtwhite jensdietrich
Path Traversal in Ansible Moderate
CVE-2020-10691 was published for ansible (pip) Apr 20, 2021
tdunlap607
Directory traversal in development mode handler in Vaadin 14 and 15-17 Moderate
CVE-2020-36321 was published for com.vaadin:flow-server (Maven) Apr 19, 2021
Authenticated path traversal in Umbraco CMS Moderate
CVE-2020-5811 was published for UmbracoCms (NuGet) Apr 13, 2021
Path Traversal in jsreport-chrome-pdf Moderate
CVE-2020-7762 was published for jsreport-chrome-pdf (npm) Apr 13, 2021
Directory Traversal in Django Moderate
CVE-2021-28658 was published for Django (pip) Apr 8, 2021
Path Traversal in Ansible Moderate
CVE-2020-1735 was published for ansible (pip) Apr 7, 2021
jhampson-dbre
Path Traversal within joomla/archive zip class Moderate
CVE-2021-26028 was published for joomla/archive (Composer) Mar 24, 2021
Django Directory Traversal via archive.extract Moderate
CVE-2021-3281 was published for django (pip) Mar 18, 2021
File System Bounds Escape Moderate
CVE-2020-26299 was published for ftp-srv (npm) Feb 10, 2021
n-timofeev
Mautic users able to download any files from server using filemanager Moderate
CVE-2017-1000490 was published for mautic/core (Composer) Jan 19, 2021
MPXJ path Traversal vulnerability Moderate
CVE-2020-35460 was published for net.sf.mpxj:mpxj (Maven) Dec 18, 2020
Path Traversal in public Moderate
GHSA-4vvp-x9h2-x2vf was published for public (npm) Sep 3, 2020
Directory Traversal in featurebook Moderate
GHSA-7x92-2j68-h32c was published for featurebook (npm) Sep 1, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database