Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,815
Erlang
36
GitHub Actions
32
Go
2,401
Maven
5,000+
npm
4,044
NuGet
723
pip
3,830
Pub
12
RubyGems
933
Rust
1,003
Swift
38
Unreviewed advisories
All unreviewed
5,000+

130 advisories

Loading
Path Traversal In Eclipse GlassFish Moderate
CVE-2022-2712 was published for org.glassfish.main.web:web (Maven) Jan 27, 2023
Path traversal vulnerability in Jenkins PWauth Security Realm Plugin Moderate
CVE-2023-24449 was published for org.jvnet.hudson.plugins:pwauth (Maven) Jan 26, 2023
Path Traversal in Jenkins visualexpert Plugin Moderate
CVE-2023-24455 was published for io.jenkins.plugins:visualexpert (Maven) Jan 26, 2023
Apache DolphinScheduler vulnerable to Path Traversal Moderate
CVE-2022-34662 was published for org.apache.dolphinscheduler:dolphinscheduler (Maven) Nov 1, 2022
Apache DolphinScheduler vulnerable to Path Traversal Moderate
CVE-2022-26884 was published for org.apache.dolphinscheduler:dolphinscheduler (Maven) Oct 28, 2022
Jenkins WildFly Deployer Plugin vulnerable to path traversal Moderate
CVE-2022-41235 was published for org.jenkins-ci.plugins:wildfly-deployer (Maven) Sep 22, 2022
NotMyFault
Path traversal in Jenkins build-publisher Plugin Moderate
CVE-2022-41231 was published for org.jenkins-ci.plugins:build-publisher (Maven) Sep 22, 2022
NotMyFault
Keycloak has Files or Directories Accessible to External Parties Moderate
CVE-2021-3856 was published for org.keycloak:keycloak-core (Maven) Aug 27, 2022
Path Traversal in Gravitee API Management Moderate
CVE-2019-25075 was published for io.gravitee.apim:gravitee-api-management (Maven) Aug 24, 2022
Venice vulnerable to Partial Path Traversal issue within the functions `load-file` and `load-resource` Moderate
CVE-2022-36007 was published for com.github.jlangch:venice (Maven) Aug 18, 2022
JLLeitschuh
Neo4j Graph apoc plugins Partial Path Traversal Vulnerability Moderate
CVE-2022-37423 was published for org.neo4j.procedure:apoc (Maven) Aug 12, 2022
JLLeitschuh
Jenkins Deployer Framework Plugin does not restrict application path of applications when configuring a deployment Moderate
CVE-2022-36889 was published for org.jenkins-ci.plugins:deployer-framework (Maven) Jul 28, 2022
NotMyFault
Jenkins Deployer Framework Plugin vulnerable to Path Traversal Moderate
CVE-2022-36890 was published for org.jenkins-ci.plugins:deployer-framework (Maven) Jul 28, 2022
Path Traversal vulnerability in Jenkins Embeddable Build Status Plugin Moderate
CVE-2022-34179 was published for org.jenkins-ci.plugins:embeddable-build-status (Maven) Jun 24, 2022
NotMyFault
Path traversal vulnerability in Jenkins Subversion Plugin allows reading arbitrary files Moderate
CVE-2021-21698 was published for org.jenkins-ci.plugins:subversion (Maven) May 24, 2022
NotMyFault
Path traversal vulnerability on Windows in Jenkins Moderate
CVE-2021-21683 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Arbitrary file read vulnerability in Jenkins Persona Plugin Moderate
CVE-2020-2293 was published for org.jenkins-ci.plugins:persona (Maven) May 24, 2022
NotMyFault
Arbitrary file write vulnerability in Jenkins Storable Configs Plugin Moderate
CVE-2020-2278 was published for org.jvnet.hudson.plugins:storable-configs-plugin (Maven) May 24, 2022
NotMyFault
Arbitrary file read vulnerability in Jenkins Storable Configs Plugin Moderate
CVE-2020-2277 was published for org.jvnet.hudson.plugins:storable-configs-plugin (Maven) May 24, 2022
NotMyFault
Arbitrary file read vulnerability in Copy data to workspace Jenkins Plugin Moderate
CVE-2020-2275 was published for org.jvnet.hudson.plugins:copy-data-to-workspace-plugin (Maven) May 24, 2022
NotMyFault
Path traversal vulnerability in Blue Ocean Plugin Moderate
CVE-2020-2254 was published for io.jenkins.blueocean:blueocean (Maven) May 24, 2022
NotMyFault
Arbitrary file write vulnerability in Jenkins Cobertura Plugin Moderate
CVE-2020-2139 was published for org.jenkins-ci.plugins:cobertura (Maven) May 24, 2022
NotMyFault
Ignite Realtime Openfire directory traversal vulnerability Moderate
CVE-2019-18393 was published for org.igniterealtime.openfire:parent (Maven) May 24, 2022
Improper Limitation of a Pathname to a Restricted Directory in Jenkins Google OAuth Credentials Plugin Moderate
CVE-2019-10436 was published for org.jenkins-ci.plugins:google-oauth-plugin (Maven) May 24, 2022
Arbitrary file read vulnerability in Jenkins File System SCM Plugin Moderate
CVE-2019-10375 was published for hudson.plugins.filesystem_scm:filesystem_scm (Maven) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database