Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

62 advisories

Loading
Directory traversal outside of SENDFILE_ROOT in django-sendfile2 Moderate
GHSA-6r3c-8xf3-ggrr was published for django-sendfile2 (pip) Jun 24, 2020
gipi moggers87
Remote Code Execution via traversal in TAL expressions Moderate
GHSA-5pr9-v234-jw36 was published for Zope (pip) Jun 18, 2021
Path traversal in FreeTAKServer-UI Moderate
CVE-2022-25511 was published for FreeTAKServer-UI (pip) Mar 12, 2022
Path Traversal in nemo-toolkit Moderate
CVE-2022-22821 was published for nemo-toolkit (pip) Jan 11, 2022
Directory Traversal in pyftpdlib Moderate
CVE-2007-6736 was published for pyftpdlib (pip) May 1, 2022
Directory traversal in pyftpdlib Moderate
CVE-2008-7262 was published for pyftpdlib (pip) May 17, 2022
mat2 before 0.13.0 allows directory traversal during the ZIP archive cleaning process. Moderate
CVE-2022-35410 was published for mat2 (pip) Jul 12, 2022
Path traversal in Onionshare Moderate
CVE-2022-21693 was published for onionshare-cli (pip) Jan 21, 2022
Streamlit directory traversal vulnerability Moderate
CVE-2022-35918 was published for streamlit (pip) Aug 6, 2022
Path Traversal in scout-browser Moderate
CVE-2022-1554 was published for scout-browser (pip) May 4, 2022
OpenStack Cinder, glance, and Nova vulnerable to Path Traversal Moderate
CVE-2022-47951 was published for cinder (pip) Jan 27, 2023
Path traversal in spotipy Moderate
CVE-2023-23608 was published for spotipy (pip) Jan 23, 2023
Shaderbug
tripleo-ansible may disclose important configuration details from an OpenStack deployment Moderate
CVE-2022-3146 was published for tripleo-ansible (pip) Mar 23, 2023
tripleo-ansible may disclose important configuration details from an OpenStack deployment Moderate
CVE-2022-3101 was published for tripleo-ansible (pip) Mar 23, 2023
pgAdmin 4 vulnerable to directory traversal Moderate
CVE-2023-0241 was published for pgadmin4 (pip) Mar 27, 2023
pgAdmin 4 Path Traversal vulnerability Moderate
CVE-2022-0959 was published for pgadmin4 (pip) Mar 17, 2022
S3Scanner allows Directory Traversal Moderate
CVE-2021-32061 was published for s3scanner (pip) Nov 30, 2021
Path traversal in ubi-reader Moderate
CVE-2023-0591 was published for ubi-reader (pip) Jan 31, 2023
qkaiser
Mercurial Directory traversal vulnerability Moderate
CVE-2008-2942 was published for mercurial (pip) May 1, 2022
Withdrawn Advisory: Pulp Improper Path Parsing Moderate
CVE-2018-10917 was published for pulpcore (pip) May 13, 2022 withdrawn
Wagtail CRX CodeRed Extensions vulnerable to Path Traversal Moderate
CVE-2021-46897 was published for coderedcms (pip) Oct 22, 2023
pretalx vulnerable to path traversal in HTML export Moderate
CVE-2023-28459 was published for pretalx (pip) Apr 20, 2023
pretalx allows path traversal in HTML export Moderate
CVE-2023-28458 was published for pretalx (pip) Apr 20, 2023
TorchServe ZipSlip Moderate
CVE-2023-48299 was published for torchserve (pip) Nov 21, 2023
Ansible symlink attack vulnerability Moderate
CVE-2023-5115 was published for ansible (pip) Dec 28, 2023
ProTip! Advisories are also available from the GraphQL API