GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
62 advisories
Filter by severity
Composio Path Traversal vulnerability
Moderate
CVE-2024-8865
was published
for
composio-core
(pip)
Sep 16, 2024
Mage AI Path Traversal vulnerability
Moderate
CVE-2024-45188
was published
for
mage-ai
(pip)
Aug 23, 2024
Mage AI Path Traversal vulnerability
Moderate
CVE-2024-45189
was published
for
mage-ai
(pip)
Aug 23, 2024
Path traveral in Streamlit on windows
Moderate
CVE-2024-42474
was published
for
streamlit
(pip)
Aug 12, 2024
Directory creation by malicious user in saltstack
Moderate
CVE-2024-22231
was published
for
salt
(pip)
Jun 27, 2024
CodeChecker has a Path traversal in `CodeChecker server` in the endpoint of `CodeChecker store`
Moderate
CVE-2023-49793
was published
for
codechecker
(pip)
Jun 24, 2024
langchain vulnerable to path traversal
Moderate
CVE-2024-3571
was published
for
langchain
(pip)
Apr 16, 2024
Whoogle Search Path Traversal vulnerability
Moderate
CVE-2024-22204
was published
for
whoogle-search
(pip)
Mar 14, 2024
aiohttp is vulnerable to directory traversal
Moderate
CVE-2024-23334
was published
for
aiohttp
(pip)
Jan 29, 2024
Ansible symlink attack vulnerability
Moderate
CVE-2023-5115
was published
for
ansible
(pip)
Dec 28, 2023
Ansible galaxy-importer Path Traversal vulnerability
Moderate
CVE-2023-5189
was published
for
galaxy-importer
(pip)
Nov 15, 2023
Wagtail CRX CodeRed Extensions vulnerable to Path Traversal
Moderate
CVE-2021-46897
was published
for
coderedcms
(pip)
Oct 22, 2023
GitPython blind local file inclusion
Moderate
CVE-2023-41040
was published
for
GitPython
(pip)
Aug 30, 2023
Pyramid static view path traversal up one directory
Moderate
CVE-2023-40587
was published
for
pyramid
(pip)
Aug 25, 2023
Apache Airflow Path Traversal vulnerability
Moderate
CVE-2023-22887
was published
for
apache-airflow
(pip)
Jul 12, 2023
pretalx allows path traversal in HTML export
Moderate
CVE-2023-28458
was published
for
pretalx
(pip)
Apr 20, 2023
pretalx vulnerable to path traversal in HTML export
Moderate
CVE-2023-28459
was published
for
pretalx
(pip)
Apr 20, 2023
pgAdmin 4 vulnerable to directory traversal
Moderate
CVE-2023-0241
was published
for
pgadmin4
(pip)
Mar 27, 2023
tripleo-ansible may disclose important configuration details from an OpenStack deployment
Moderate
CVE-2022-3101
was published
for
tripleo-ansible
(pip)
Mar 23, 2023
tripleo-ansible may disclose important configuration details from an OpenStack deployment
Moderate
CVE-2022-3146
was published
for
tripleo-ansible
(pip)
Mar 23, 2023
OpenStack Cinder, glance, and Nova vulnerable to Path Traversal
Moderate
CVE-2022-47951
was published
for
cinder
(pip)
Jan 27, 2023
GuardDog vulnerable to arbitrary file write when scanning a specially-crafted remote PyPI package
Moderate
CVE-2022-23530
was published
for
guarddog
(pip)
Dec 5, 2022
ProTip!
Advisories are also available from the
GraphQL API