Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,801
Erlang
36
GitHub Actions
29
Go
2,380
Maven
5,000+
npm
4,010
NuGet
720
pip
3,810
Pub
12
RubyGems
930
Rust
986
Swift
38
Unreviewed advisories
All unreviewed
5,000+

90 advisories

Loading
Apache Airflow Path Traversal vulnerability High
CVE-2023-22887 was published for apache-airflow (pip) Jul 12, 2023
sunSUNQ
ethyca-fides Webserver API Path Traversal vulnerability High
CVE-2023-36827 was published for ethyca-fides (pip) Jul 6, 2023
daveqnet
Duplicate Advisory: Starlette vulnerable to directory traversal High
GHSA-qj8w-rv5x-2v9h was published for starlette (pip) Jun 1, 2023 withdrawn
Any file can be included with the pymdown-snippets extension High
CVE-2023-32309 was published for pymdown-extensions (pip) May 15, 2023
itlabbet tvalenta
mflow vulnerable to directory traversal High
CVE-2023-30172 was published for mlflow (pip) May 11, 2023
pretalx vulnerable to path traversal in HTML export High
CVE-2023-28459 was published for pretalx (pip) Apr 20, 2023
mindsdb arbitrary file write when extracting a remotely retrieved Tarball High
CVE-2023-30620 was published for mindsdb (pip) Mar 30, 2023
Sim4n6
Directory Traversal in onnx High
CVE-2022-25882 was published for onnx (pip) Jan 26, 2023
Path traversal in binwalk High
CVE-2022-4510 was published for binwalk (pip) Jan 26, 2023
qkaiser
sviehb/jefferson vulnerable to path traversal High
CVE-2022-4885 was published for jefferson (pip) Jan 11, 2023
rdiffweb Path Traversal vulnerability High
CVE-2022-3389 was published for rdiffweb (pip) Oct 6, 2022
sanic vulnerable to Path Traversal when using `app.static` if using encoded `%2F` URLs High
CVE-2022-35920 was published for sanic (pip) Aug 6, 2022
mat2 before 0.13.0 allows directory traversal during the ZIP archive cleaning process. High
CVE-2022-35410 was published for mat2 (pip) Jul 12, 2022
SaltStack Salt Directory Traversal vulnerability High
CVE-2021-25282 was published for salt (pip) May 24, 2022
SaltStack Salt is vulnerable Arbitrary Directory Access High
CVE-2020-11652 was published for salt (pip) May 24, 2022
koji hub allows arbitrary upload destinations High
CVE-2019-17109 was published for koji (pip) May 24, 2022
Pallets Werkzeug vulnerable to Path Traversal High
CVE-2019-14322 was published for werkzeug (pip) May 24, 2022
Tryton Directory Traversal vulnerability High
CVE-2013-4510 was published for trytond (pip) May 17, 2022
Django Directory Traversal via ssi template tag High
CVE-2013-4315 was published for django (pip) May 17, 2022
Sanic arbitrary file read and directory traversal High
CVE-2017-16762 was published for sanic (pip) May 17, 2022
uWSGI Directory Traversal vulnerability High
CVE-2018-7490 was published for uWSGI (pip) May 14, 2022
Django Admin Media Handler Vulnerable to Directory Traversal High
CVE-2009-2659 was published for Django (pip) May 2, 2022
CherryPy Malicious cookies allow access to files outside the session directory High
CVE-2008-0252 was published for cherrypy (pip) May 1, 2022
anonymous4ACL24
CherryPy Directory traversal vulnerability High
CVE-2006-0847 was published for cherrypy (pip) May 1, 2022
Path traversal in Pillow High
CVE-2022-24303 was published for Pillow (pip) Mar 11, 2022
sunSUNQ
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database