GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
78 advisories
Filter by severity
mat2 before 0.13.0 allows directory traversal during the ZIP archive cleaning process.
High
CVE-2022-35410
was published
for
mat2
(pip)
Jul 12, 2022
SaltStack Salt Directory Traversal vulnerability
High
CVE-2021-25282
was published
for
salt
(pip)
May 24, 2022
SaltStack Salt is vulnerable Arbitrary Directory Access
High
CVE-2020-11652
was published
for
salt
(pip)
May 24, 2022
koji hub allows arbitrary upload destinations
High
CVE-2019-17109
was published
for
koji
(pip)
May 24, 2022
Pallets Werkzeug vulnerable to Path Traversal
High
CVE-2019-14322
was published
for
werkzeug
(pip)
May 24, 2022
Tryton Directory Traversal vulnerability
High
CVE-2013-4510
was published
for
trytond
(pip)
May 17, 2022
Django Directory Traversal via ssi template tag
High
CVE-2013-4315
was published
for
django
(pip)
May 17, 2022
Sanic arbitrary file read and directory traversal
High
CVE-2017-16762
was published
for
sanic
(pip)
May 17, 2022
uWSGI Directory Traversal vulnerability
High
CVE-2018-7490
was published
for
uWSGI
(pip)
May 14, 2022
Django Admin Media Handler Vulnerable to Directory Traversal
High
CVE-2009-2659
was published
for
Django
(pip)
May 2, 2022
CherryPy Malicious cookies allow access to files outside the session directory
High
CVE-2008-0252
was published
for
cherrypy
(pip)
May 1, 2022
CherryPy Directory traversal vulnerability
High
CVE-2006-0847
was published
for
cherrypy
(pip)
May 1, 2022
Path traversal in Matrix Synapse
High
CVE-2021-41281
was published
for
matrix-synapse
(pip)
Nov 23, 2021
Maliciously Crafted Model Archive Can Lead To Arbitrary File Write
High
CVE-2021-41127
was published
for
rasa
(pip)
Oct 22, 2021
Remote Code Execution via traversal in TAL expressions
High
CVE-2021-32633
was published
for
Zope
(pip)
Jun 18, 2021
Duplicate Advisory: Path Traversal in Zope
High
GHSA-962m-m8jw-8wrr
was published
for
Zope
(pip)
Jun 15, 2021
•
withdrawn
The Fuck Arbitrary File Deletion via Path Traversal
High
CVE-2021-34363
was published
for
thefuck
(pip)
Jun 15, 2021
Duplicate Advisory: Path Traversal in Zope
High
GHSA-5vq5-pg3r-9ph3
was published
for
Zope
(pip)
Jun 10, 2021
•
withdrawn
Remote Code Execution via traversal in TAL expressions
High
CVE-2021-32674
was published
for
Zope
(pip)
Jun 8, 2021
Flask-Cors Directory Traversal vulnerability
High
CVE-2020-25032
was published
for
Flask-Cors
(pip)
May 6, 2021
ProTip!
Advisories are also available from the
GraphQL API