Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

345 advisories

Loading
GuardDog vulnerable to arbitrary file write when scanning a specially-crafted PyPI package Moderate
CVE-2022-23531 was published for guarddog (pip) Dec 2, 2022
GuardDog vulnerable to arbitrary file write when scanning a specially-crafted remote PyPI package Moderate
CVE-2022-23530 was published for guarddog (pip) Dec 5, 2022
Sim4n6
GitPython blind local file inclusion Moderate
CVE-2023-41040 was published for GitPython (pip) Aug 30, 2023
stsewd m3t3kh4n
EliahKagan
Directory Traversal in Django Moderate
CVE-2021-28658 was published for Django (pip) Apr 8, 2021
Django Directory Traversal via archive.extract Moderate
CVE-2021-3281 was published for django (pip) Mar 18, 2021
Path Traversal in Django Moderate
CVE-2021-33203 was published for Django (pip) Jun 10, 2021
Directory-traversal in Django Moderate
CVE-2021-45452 was published for Django (pip) Jan 12, 2022
tdunlap607
Contao affected by directory traversal in the file selector widget Moderate
CVE-2024-45604 was published for contao/core-bundle (Composer) Sep 17, 2024
usdResponsibleDisclosure
czim/file-handling vulnerable to SSRF and directory traversal Moderate
CVE-2024-47049 was published for czim/file-handling (Composer) Sep 17, 2024
Composio Path Traversal vulnerability Moderate
CVE-2024-8865 was published for composio-core (pip) Sep 16, 2024
Magento Open Source Path Traversal vulnerability Moderate
CVE-2024-39406 was published for magento/community-edition (Composer) Aug 14, 2024
Grafana Arbitrary File Read Moderate
CVE-2019-19499 was published for github.com/grafana/grafana (Go) Jan 31, 2024
Cherry Music directory traversal vulnerability Moderate
CVE-2015-8309 was published for CherryMusic (pip) May 17, 2022
Apache Airflow Path Traversal vulnerability Moderate
CVE-2023-22887 was published for apache-airflow (pip) Jul 12, 2023
sunSUNQ
Path Traversal in Ansible Moderate
CVE-2020-1735 was published for ansible (pip) Apr 7, 2021
jhampson-dbre
Ansible Path Traversal vulnerability Moderate
CVE-2019-3828 was published for ansible (pip) Apr 15, 2019
Path Traversal in bikshed Moderate
CVE-2021-23423 was published for bikeshed (pip) Aug 30, 2021
Path Traversal in Ansible Moderate
CVE-2020-10691 was published for ansible (pip) Apr 20, 2021
tdunlap607
aiohttp is vulnerable to directory traversal Moderate
CVE-2024-23334 was published for aiohttp (pip) Jan 29, 2024
lcttty solarpeng502
Mage AI Path Traversal vulnerability Moderate
CVE-2024-45189 was published for mage-ai (pip) Aug 23, 2024
Mage AI Path Traversal vulnerability Moderate
CVE-2024-45188 was published for mage-ai (pip) Aug 23, 2024
Path traveral in Streamlit on windows Moderate
CVE-2024-42474 was published for streamlit (pip) Aug 12, 2024
nvn1729
CometVisu Backend for openHAB has a path traversal vulnerability Moderate
CVE-2024-42468 was published for org.openhab.ui.bundles:org.openhab.ui.cometvisu (Maven) Aug 9, 2024
p- peuter
Path traversal allows leaking out-of-bound files from Argo CD repo-server Moderate
CVE-2022-24731 was published for github.com/argoproj/argo-cd (Go) Mar 24, 2022
alexmt
Kubernetes Secrets Store CSI Driver plugins arbitrary file write Moderate
CVE-2020-8567 was published for github.com/Azure/secrets-store-csi-driver-provider-azure (Go) May 24, 2022
ProTip! Advisories are also available from the GraphQL API