Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

117 advisories

Loading
path traversal in Jooby Moderate
CVE-2020-7647 was published for io.jooby:jooby (Maven) May 13, 2020
Moderate severity vulnerability that affects com.sparkjava:spark-core Moderate
CVE-2018-9159 was published for com.sparkjava:spark-core (Maven) Oct 19, 2018
Moderate severity vulnerability that affects org.apache.karaf:apache-karaf and org.apache.karaf:karaf Moderate
CVE-2019-0191 was published for org.apache.karaf:apache-karaf (Maven) Mar 25, 2019
Moderate severity vulnerability that affects org.apache.tika:tika-core Moderate
CVE-2018-11762 was published for org.apache.tika:tika-core (Maven) Oct 17, 2018
Directory traversal in Apache RocketMQ Moderate
CVE-2019-17572 was published for org.apache.rocketmq:rocketmq-broker (Maven) Jul 1, 2020
Path traversal in Jenkins Phoenix AutoTest Plugin Moderate
CVE-2022-28156 was published for com.surenpi.jenkins:phoenix-autotest (Maven) Mar 30, 2022
Improper Limitation of a Pathname to a Restricted Directory in zt-zip Moderate
CVE-2018-1002201 was published for org.zeroturnaround:zt-zip (Maven) May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in JCraft JSch Moderate
CVE-2016-5725 was published for com.jcraft:jsch (Maven) May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in Elasticsearch Moderate
CVE-2015-5531 was published for org.elasticsearch:elasticsearch (Maven) May 14, 2022
Improper Limitation of a Pathname to a Restricted Directory in plexus-archiver Moderate
CVE-2018-1002200 was published for org.codehaus.plexus:plexus-archiver (Maven) May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat Moderate
CVE-2015-5174 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
Improper Limitation of a Pathname to a Restricted Directory in JBoss Undertow Moderate
CVE-2014-7816 was published for io.undertow:undertow-core (Maven) May 17, 2022
Improper Limitation of a Pathname to a Restricted Directory in WildFly Moderate
CVE-2018-10862 was published for org.wildfly.core:wildfly-server (Maven) May 14, 2022
Improper Limitation of a Pathname to a Restricted Directory in Zip4j Moderate
CVE-2018-1002202 was published for net.lingala.zip4j:zip4j (Maven) May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in Elasticsearch Moderate
CVE-2015-3337 was published for org.elasticsearch:elasticsearch (Maven) May 17, 2022
Improper Limitation of a Pathname to a Restricted Directory in Jenkins Google OAuth Credentials Plugin Moderate
CVE-2019-10436 was published for org.jenkins-ci.plugins:google-oauth-plugin (Maven) May 24, 2022
Neo4j Graph apoc plugins Partial Path Traversal Vulnerability Moderate
CVE-2022-37423 was published for org.neo4j.procedure:apoc (Maven) Aug 12, 2022
JLLeitschuh
Path Traversal In Eclipse GlassFish Moderate
CVE-2022-2712 was published for org.glassfish.main.web:web (Maven) Jan 27, 2023
Path Traversal in Gravitee API Management Moderate
CVE-2019-25075 was published for io.gravitee.apim:gravitee-api-management (Maven) Aug 24, 2022
Jenkins HTML Publisher Plugin path traversal vulnerability Moderate
CVE-2018-1000175 was published for org.jenkins-ci.plugins:htmlpublisher (Maven) May 14, 2022
Apache Karaf vulnerable to relative path traversal Moderate
CVE-2019-0226 was published for org.apache.karaf.config:org.apache.karaf.config.core (Maven) May 24, 2022
Arbitrary file read vulnerability in Copy data to workspace Jenkins Plugin Moderate
CVE-2020-2275 was published for org.jvnet.hudson.plugins:copy-data-to-workspace-plugin (Maven) May 24, 2022
NotMyFault
Arbitrary file read vulnerability in Jenkins Persona Plugin Moderate
CVE-2020-2293 was published for org.jenkins-ci.plugins:persona (Maven) May 24, 2022
NotMyFault
Path Traversal in Apache Oozie Moderate
CVE-2017-15712 was published for org.apache.oozie:oozie-core (Maven) May 14, 2022
MPXJ path Traversal vulnerability Moderate
CVE-2020-35460 was published for net.sf.mpxj:mpxj (Maven) Dec 18, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database