Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

261 advisories

Loading
path traversal in Jooby Moderate
CVE-2020-7647 was published for io.jooby:jooby (Maven) May 13, 2020
Moderate severity vulnerability that affects com.sparkjava:spark-core Moderate
CVE-2018-9159 was published for com.sparkjava:spark-core (Maven) Oct 19, 2018
High severity vulnerability that affects org.dspace:dspace-xmlui High
CVE-2016-10726 was published for org.dspace:dspace-xmlui (Maven) Oct 19, 2018
In blynk-server a Directory Traversal exists High
CVE-2018-17785 was published for com.github.blynkkk:blynk-server (Maven) Oct 17, 2018
Moderate severity vulnerability that affects org.apache.karaf:apache-karaf and org.apache.karaf:karaf Moderate
CVE-2019-0191 was published for org.apache.karaf:apache-karaf (Maven) Mar 25, 2019
Spark allows remote attackers to read arbitrary files via a .. (dot dot) in the URI High
CVE-2016-9177 was published for com.sparkjava:spark-core (Maven) Oct 4, 2018
Moderate severity vulnerability that affects org.apache.tika:tika-core Moderate
CVE-2018-11762 was published for org.apache.tika:tika-core (Maven) Oct 17, 2018
Unzip function in ZipUtil.java in Hutool allows remote attackers to overwrite arbitrary files via directory traversal High
CVE-2018-17297 was published for cn.hutool:hutool-all (Maven) Oct 17, 2018
Directory traversal in Apache RocketMQ Moderate
CVE-2019-17572 was published for org.apache.rocketmq:rocketmq-broker (Maven) Jul 1, 2020
Directory Traversal vulnerability in Square Retrofit High
CVE-2018-1000850 was published for com.squareup.retrofit2:retrofit (Maven) Dec 21, 2018
Path Traversal in minsoft:ms-mcms High
CVE-2018-18831 was published for net.mingsoft:ms-mcms (Maven) Nov 1, 2018
Improper Limitation of a Pathname ('Path Traversal') in org.apache.jspwiki:jspwiki-war High
CVE-2019-0225 was published for org.apache.jspwiki:jspwiki-war (Maven) Apr 8, 2019
Improper Limitation of a Pathname ('Path Traversal') in org.apache.solr:solr-core High
CVE-2017-3163 was published for org.apache.solr:solr-core (Maven) Oct 18, 2018
Gravitee API Management contains Path Traversal High
CVE-2022-38723 was published for io.gravitee.apim:gravitee-api-management (Maven) Jan 4, 2023
org.neo4j.procedure:apoc Path Traversal Vulnerability High
CVE-2022-23532 was published for org.neo4j.procedure:apoc (Maven) Jan 13, 2023
Keycloak vulnerable to path traversal via double URL encoding Critical
CVE-2022-3782 was published for org.keycloak:keycloak-parent (Maven) Dec 13, 2022
Path traversal in Jenkins Phoenix AutoTest Plugin Moderate
CVE-2022-28156 was published for com.surenpi.jenkins:phoenix-autotest (Maven) Mar 30, 2022
Path traversal in Hadoop Critical
CVE-2022-26612 was published for org.apache.hadoop:hadoop-common (Maven) Apr 8, 2022
Path Traversal in Caucho Resin High
CVE-2021-44138 was published for com.caucho:resin (Maven) Apr 5, 2022
Path Traversal in Jenkins High
CVE-2018-1000194 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in zt-zip Moderate
CVE-2018-1002201 was published for org.zeroturnaround:zt-zip (Maven) May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in JCraft JSch Moderate
CVE-2016-5725 was published for com.jcraft:jsch (Maven) May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in Elasticsearch Moderate
CVE-2015-5531 was published for org.elasticsearch:elasticsearch (Maven) May 14, 2022
Improper Limitation of a Pathname to a Restricted Directory in Jboss EAP Undertow High
CVE-2018-1048 was published for org.jboss.eap:wildfly-undertow (Maven) May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in plexus-archiver Moderate
CVE-2018-1002200 was published for org.codehaus.plexus:plexus-archiver (Maven) May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database