Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

552 advisories

Loading
Path traversal in github.com/ipfs/go-ipfs High
CVE-2020-26279 was published for github.com/ipfs/go-ipfs (Go) Jun 23, 2021
tintinweb
github.com/sassoftware/go-rpmutils Arbitrary File Write via Archive Extraction (Zip Slip) High
CVE-2020-7667 was published for github.com/sassoftware/go-rpmutils (Go) Jun 23, 2021
Remote Code Execution via traversal in TAL expressions High
CVE-2021-32633 was published for Zope (pip) Jun 18, 2021
Duplicate Advisory: Path Traversal in Zope High
GHSA-962m-m8jw-8wrr was published for Zope (pip) Jun 15, 2021 withdrawn
The Fuck Arbitrary File Deletion via Path Traversal High
CVE-2021-34363 was published for thefuck (pip) Jun 15, 2021
Duplicate Advisory: Path Traversal in Zope High
GHSA-5vq5-pg3r-9ph3 was published for Zope (pip) Jun 10, 2021 withdrawn
Path Traversal in pip High
CVE-2019-20916 was published for pip (pip) Jun 9, 2021
Remote Code Execution via traversal in TAL expressions High
CVE-2021-32674 was published for Zope (pip) Jun 8, 2021
Path Traversal in Django High
CVE-2021-31542 was published for Django (pip) Jun 4, 2021
tdunlap607
mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs High
CVE-2021-30465 was published for github.com/opencontainers/runc (Go) May 25, 2021
champtar
Path traversal and files overwrite with unsquashfs in singularity High
CVE-2020-15229 was published for github.com/sylabs/singularity (Go) May 24, 2021
cclerget
Path traversal in u-root High
CVE-2020-7665 was published for github.com/u-root/u-root (Go) May 18, 2021
rjoleary
github.com/unknwon/cae Path Traversal vulnerability High
CVE-2020-7668 was published for github.com/unknwon/cae (Go) May 18, 2021
Path Traversal in github.com/unknwon/cae/zip High
CVE-2020-7664 was published for github.com/unknwon/cae (Go) May 18, 2021
Path Traversal in Buildah High
CVE-2020-10696 was published for github.com/containers/buildah (Go) May 18, 2021
github.com/u-root/u-root/pkg/tarutil Arbitrary File Write via Archive Extraction (Zip Slip) High
CVE-2020-7669 was published for github.com/u-root/u-root (Go) May 18, 2021
leungster
Path Traversal in browserless-chrome High
CVE-2020-7758 was published for browserless-chrome (npm) May 10, 2021
Path Traversal in marked-tree High
CVE-2020-7682 was published for marked-tree (npm) May 7, 2021
Path Traversal in marscode High
CVE-2020-7681 was published for marscode (npm) May 7, 2021
Path traversal in servey High
CVE-2020-8214 was published for servey (npm) May 7, 2021
Flask-Cors Directory Traversal vulnerability High
CVE-2020-25032 was published for Flask-Cors (pip) May 6, 2021
Tempfile on Windows path traversal vulnerability High
CVE-2021-28966 was published for tmpdir (RubyGems) May 6, 2021
Directory Traversal in Archive_Tar High
CVE-2020-36193 was published for pear/archive_tar (Composer) Apr 22, 2021
Path Traversal in Ansible High
CVE-2020-1737 was published for ansible (pip) Apr 20, 2021
Path Traversal in node-red-contrib-huemagic High
CVE-2021-25864 was published for node-red-contrib-huemagic (npm) Apr 13, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database