GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
37 advisories
Filter by severity
archive-tar-minitar and minitar vulnerable to Path Traversal
High
CVE-2016-10173
was published
for
archive-tar-minitar
(RubyGems)
Oct 24, 2017
Directory traversal vulnerability in Action View in Ruby on Rails
High
CVE-2016-0752
was published
for
actionpack
(RubyGems)
Oct 24, 2017
Directory traversal vulnerability in RubyZip
Critical
CVE-2017-5946
was published
for
rubyzip
(RubyGems)
Oct 24, 2017
actionview contains Path Traversal vulnerability
Moderate
CVE-2016-2097
was published
for
actionpack
(RubyGems)
Oct 24, 2017
actionpack vulnerable to Path Traversal
Moderate
CVE-2014-7818
was published
for
actionpack
(RubyGems)
Oct 24, 2017
Directory traversal vulnerability in actionpack
Moderate
CVE-2014-7829
was published
for
actionpack
(RubyGems)
Oct 24, 2017
sprockets vulnerable to Path Traversal
Moderate
CVE-2014-7819
was published
for
sprockets
(RubyGems)
Oct 24, 2017
actionpack Path Traversal vulnerability
Moderate
CVE-2014-0130
was published
for
actionpack
(RubyGems)
Oct 24, 2017
Puppet vulnerable to Path Traversal
Low
CVE-2012-3865
was published
for
puppet
(RubyGems)
Oct 24, 2017
Rack Vulnerable to Path Traversal
Moderate
CVE-2013-0262
was published
for
rack
(RubyGems)
Oct 24, 2017
Wicked gem contains Path traversal vulnerability
Moderate
CVE-2013-4413
was published
for
wicked
(RubyGems)
Oct 24, 2017
Mail Gem Path Traversal vulnerability
Moderate
CVE-2012-2139
was published
for
mail
(RubyGems)
Oct 24, 2017
Arbitrary file read vulnerability in yard server
High
CVE-2017-17042
was published
for
yard
(RubyGems)
Dec 21, 2017
Sinatra Path Traversal vulnerability
Moderate
CVE-2018-7212
was published
for
sinatra
(RubyGems)
Feb 20, 2018
Sprockets path traversal leads to information leak
High
CVE-2018-3760
was published
for
sprockets
(RubyGems)
Jun 20, 2018
Path Traversal in Action View
High
CVE-2019-5418
was published
for
actionview
(RubyGems)
Mar 13, 2019
RubyGems Delete directory using symlink when decompressing tar
High
CVE-2019-8320
was published
for
rubygems-update
(RubyGems)
Jun 20, 2019
Path Traversal vulnerability that affects yard
High
CVE-2019-1020001
was published
for
yard
(RubyGems)
Jul 2, 2019
Malicious URL drafting attack against iodines static file server may allow path traversal
Low
CVE-2024-22050
was published
for
iodine
(RubyGems)
Oct 7, 2019
The rack-cors rubygem may allow directory traveral
Moderate
CVE-2019-18978
was published
for
rack-cors
(RubyGems)
Nov 15, 2019
Arbitrary file write in actionpack-page_caching gem
Critical
CVE-2020-8159
was published
for
actionpack-page_caching
(RubyGems)
May 13, 2020
Directory traversal in Rack::Directory app bundled with Rack
High
CVE-2020-8161
was published
for
rack
(RubyGems)
Jul 6, 2020
Tempfile on Windows path traversal vulnerability
High
CVE-2021-28966
was published
for
tmpdir
(RubyGems)
May 6, 2021
Path traversal when MessageBus::Diagnostics is enabled
Moderate
CVE-2021-43840
was published
for
message_bus
(RubyGems)
Dec 17, 2021
Mongrel vulnerable to directory traversal via double-encoded sequences
Moderate
CVE-2007-6612
was published
for
mongrel
(RubyGems)
May 1, 2022
ProTip!
Advisories are also available from the
GraphQL API