Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,815
Erlang
36
GitHub Actions
32
Go
2,401
Maven
5,000+
npm
4,044
NuGet
723
pip
3,830
Pub
12
RubyGems
933
Rust
1,003
Swift
38
Unreviewed advisories
All unreviewed
5,000+

130 advisories

Loading
Improper Limitation of a Pathname to a Restricted Directory in Spring Framework Moderate
CVE-2014-3578 was published for org.springframework:spring-core (Maven) May 14, 2022
sunSUNQ
Improper Limitation of a Pathname to a Restricted Directory in Zip4j Moderate
CVE-2018-1002202 was published for net.lingala.zip4j:zip4j (Maven) May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in plexus-archiver Moderate
CVE-2018-1002200 was published for org.codehaus.plexus:plexus-archiver (Maven) May 13, 2022
Jenkins Image Gallery Plugin allows Path Traversal Moderate
CVE-2016-4987 was published for com.tupilabs.image_gallery:image-gallery (Maven) May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in zt-zip Moderate
CVE-2018-1002201 was published for org.zeroturnaround:zt-zip (Maven) May 13, 2022
Jenkins has Local File Inclusion Vulnerability Moderate
CVE-2015-5322 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
Apache MyFaces Vulnerable to Path Traversal Moderate
CVE-2011-4367 was published for org.apache.myfaces.core:myfaces-impl (Maven) May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in JCraft JSch Moderate
CVE-2016-5725 was published for com.jcraft:jsch (Maven) May 13, 2022
spring-integration-zip Arbitrary File Write Moderate
CVE-2018-1263 was published for org.springframework.integration:spring-integration-zip (Maven) May 13, 2022
MarkLee131
Improper Limitation of a Pathname to a Restricted Directory in Spring Framework Moderate
CVE-2014-3625 was published for org.springframework:spring-webmvc (Maven) May 13, 2022
sunSUNQ
Improper Limitation of a Pathname to a Restricted Directory in Jenkins Moderate
CVE-2018-6356 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
sunSUNQ
Path Traversal in com.alibaba.oneagent:one-java-agent-plugin Moderate
CVE-2022-25842 was published for com.alibaba.oneagent:one-java-agent-plugin (Maven) May 3, 2022
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Apache Tomcat Moderate
CVE-2009-2902 was published for org.apache.tomcat:tomcat (Maven) May 2, 2022
MarkLee131 sunSUNQ
Apache Tomcat Directory Traversal vulnerability Moderate
CVE-2009-2693 was published for org.apache.tomcat:tomcat (Maven) May 2, 2022
MarkLee131 sunSUNQ
Directory traversal in Mort Bay Jetty Moderate
CVE-2009-1523 was published for org.mortbay.jetty:jetty (Maven) May 2, 2022
joshbressers
Apache Tomcat Directory Traversal vulnerability Moderate
CVE-2008-2938 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022
MarkLee131
Apache Tomcat Path Traversal Vulnerability Moderate
CVE-2008-2370 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022
Alkacon OpenCMS Absolute Path Traversal via pathname in filePath.0 parameter Moderate
CVE-2008-1301 was published for org.opencms:opencms-core (Maven) May 1, 2022
Mortbay Jetty Double Slash URI Information Disclosure Vulnerability Moderate
CVE-2007-6672 was published for org.mortbay.jetty:jetty (Maven) May 1, 2022
Apache Tomcat Directory Traversal Moderate
CVE-2007-0450 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022
sunSUNQ
Alkacon OpenCMS Absolute Path Traversal via pathname in filePath parameter Moderate
CVE-2006-3934 was published for org.opencms:opencms-core (Maven) May 1, 2022
Jetty Directory Traversal Vulnerability Moderate
CVE-2006-2758 was published for org.mortbay.jetty:jetty (Maven) May 1, 2022
Apache Tomcat Directory Traversal Moderate
CVE-2000-1210 was published for org.apache.tomcat:tomcat (Maven) Apr 30, 2022
Jakarta Tomcat Directory Listing vulnerability Moderate
CVE-2003-0042 was published for org.apache.tomcat:tomcat (Maven) Apr 29, 2022
Arbitrary file read vulnerability in Jenkins Continuous Integration with Toad Edge Plugin Moderate
CVE-2022-28146 was published for org.jenkins-ci.plugins:ci-with-toad-edge (Maven) Mar 30, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database