
GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

243 advisories

CherryPy Malicious cookies allow access to files outside the session directory High
CVE-2008-0252 was published for cherrypy (pip) May 1, 2022
Credited to anonymous4ACL24
Directory Traversal in pyftpdlib Moderate
CVE-2007-6736 was published for pyftpdlib (pip) May 1, 2022
CherryPy Directory traversal vulnerability High
CVE-2006-0847 was published for cherrypy (pip) May 1, 2022
Roundup Directory traversal vulnerability Moderate
CVE-2004-1444 was published for Roundup (pip) Apr 29, 2022
pgAdmin 4 Path Traversal vulnerability Moderate
CVE-2022-0959 was published for pgadmin4 (pip) Mar 17, 2022
Path traversal in FreeTAKServer-UI Moderate
CVE-2022-25511 was published for FreeTAKServer-UI (pip) Mar 12, 2022
Path traversal in Pillow High
CVE-2022-24303 was published for Pillow (pip) Mar 11, 2022
Credited to sunSUNQ
Mercurial Path Traversal/Link Following vulnerability Moderate
CVE-2019-3902 was published for mercurial (pip) Feb 15, 2022
Files on the host computer can be accessed from the Gradio interface Critical
CVE-2021-43831 was published for gradio (pip) Jan 21, 2022
Credited to haby0
Path traversal in Onionshare Moderate
CVE-2022-21693 was published for onionshare-cli (pip) Jan 21, 2022
Directory-traversal in Django Moderate
CVE-2021-45452 was published for Django (pip) Jan 12, 2022
Credited to tdunlap607
Path Traversal in nemo-toolkit Moderate
CVE-2022-22821 was published for nemo-toolkit (pip) Jan 11, 2022
S3Scanner allows Directory Traversal Moderate
CVE-2021-32061 was published for s3scanner (pip) Nov 30, 2021
Arbitrary file reading vulnerability in Aim Critical
CVE-2021-43775 was published for aim (pip) Nov 23, 2021
Credited to haby0
Path traversal in Matrix Synapse High
CVE-2021-41281 was published for matrix-synapse (pip) Nov 23, 2021
Maliciously Crafted Model Archive Can Lead To Arbitrary File Write High
CVE-2021-41127 was published for rasa (pip) Oct 22, 2021
Directory Traversal in Babel High
CVE-2021-42771 was published for babel (pip) Oct 21, 2021
Client metadata path-traversal Moderate
CVE-2021-41131 was published for tuf (pip) Oct 19, 2021
Credited to jku
Directory traversal in mkdocs High
CVE-2021-40978 was published for mkdocs (pip) Oct 12, 2021
Path Traversal in bikeshed Moderate
CVE-2021-23423 was published for bikeshed (pip) Aug 30, 2021
Remote Code Execution via traversal in TAL expressions High
CVE-2021-32633 was published for Zope (pip) Jun 18, 2021
Path traversal in impacket Critical
CVE-2021-31800 was published for impacket (pip) Jun 18, 2021
Duplicate Advisory: Path Traversal in Zope High
GHSA-962m-m8jw-8wrr was published for Zope (pip) Jun 15, 2021 withdrawn
The Fuck Arbitrary File Deletion via Path Traversal High
CVE-2021-34363 was published for thefuck (pip) Jun 15, 2021
Duplicate Advisory: Path Traversal in Zope High
GHSA-5vq5-pg3r-9ph3 was published for Zope (pip) Jun 10, 2021 withdrawn