Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

8 advisories

Loading
snapd failed to properly check the destination of symbolic links when extracting a snap Low
CVE-2024-29069 was published for github.com/snapcore/snapd (Go) Jul 25, 2024
HashiCorp Vagrant Insecure Operation on Windows Junction / Mount Point vulnerability Low
CVE-2023-5834 was published for github.com/hashicorp/vagrant (Go) Oct 28, 2023
Cargo extracting malicious crates can corrupt arbitrary files Low
CVE-2022-36113 was published for cargo (Rust) Sep 16, 2022
pietroalbini litios
Virtualenv Allows Symlink Attack on /tmp/ Low
CVE-2011-4617 was published for virtualenv (pip) May 17, 2022
pyxdg Arbitrary File Overwrite via Race Condition Low
CVE-2014-1624 was published for pyxdg (pip) May 17, 2022
Puppet arbitrary files overwrite via a symlink attack Low
CVE-2010-0156 was published for puppet (RubyGems) May 2, 2022
Directory exposure in jetty Low
CVE-2021-28163 was published for org.eclipse.jetty:jetty-deploy (Maven) Apr 6, 2021
svarovski
Local Privilege Escalation in npm Low
CVE-2013-4116 was published for npm (npm) Sep 1, 2020
ProTip! Advisories are also available from the GraphQL API