GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
155 advisories
Filter by severity
koji hub allows arbitrary upload destinations
High
CVE-2019-17109
was published
for
koji
(pip)
May 24, 2022
MoinMoin Multiple vulnerable to directory traversal
Moderate
CVE-2012-6495
was published
for
Moin
(pip)
May 17, 2022
MoinMoin Directory Traversal vulnerability
Moderate
CVE-2012-6080
was published
for
moin
(pip)
May 17, 2022
mindsdb arbitrary file write when extracting a remotely retrieved Tarball
High
CVE-2023-30620
was published
for
mindsdb
(pip)
Mar 30, 2023
Mercurial Path Traversal/Link Following vulnerability
Moderate
CVE-2019-3902
was published
for
mercurial
(pip)
Feb 15, 2022
Path traversal in Matrix Synapse
High
CVE-2021-41281
was published
for
matrix-synapse
(pip)
Nov 23, 2021
GuardDog vulnerable to arbitrary file write when scanning a specially-crafted PyPI package
Moderate
CVE-2022-23531
was published
for
guarddog
(pip)
Dec 2, 2022
GuardDog vulnerable to arbitrary file write when scanning a specially-crafted remote PyPI package
Moderate
CVE-2022-23530
was published
for
guarddog
(pip)
Dec 5, 2022
Files on the host computer can be accessed from the Gradio interface
High
CVE-2021-43831
was published
for
gradio
(pip)
Jan 21, 2022
Ganga allows absolute path traversal
Critical
CVE-2022-31507
was published
for
ganga
(pip)
Jul 13, 2022
GitPython blind local file inclusion
Moderate
CVE-2023-41040
was published
for
GitPython
(pip)
Aug 30, 2023
Flask-Cors Directory Traversal vulnerability
High
CVE-2020-25032
was published
for
Flask-Cors
(pip)
May 6, 2021
Django Directory Traversal via archive.extract
Moderate
CVE-2021-3281
was published
for
django
(pip)
Mar 18, 2021
Mesop has a local file Inclusion via static file serving functionality
High
CVE-2024-45601
was published
for
mesop
(pip)
Sep 18, 2024
Django Directory Traversal via ssi template tag
High
CVE-2013-4315
was published
for
django
(pip)
May 17, 2022
Composio Path Traversal vulnerability
Moderate
CVE-2024-8865
was published
for
composio-core
(pip)
Sep 16, 2024
Django Admin Media Handler Vulnerable to Directory Traversal
High
CVE-2009-2659
was published
for
Django
(pip)
May 2, 2022
Path Traversal in django-s3file
Critical
CVE-2022-24840
was published
for
django-s3file
(pip)
Jun 6, 2022
ProTip!
Advisories are also available from the
GraphQL API