Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,198
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

216 advisories

Loading
Vite before v2.9.13 vulnerable to directory traversal via crafted URL to victim's service High
CVE-2022-35204 was published for vite (npm) Aug 19, 2022
dloetzke stypr
Directory traversal in convert-svg-core High
CVE-2022-24278 was published for convert-svg-core (npm) Jun 11, 2022
MJML vulnerable to path traversal High
CVE-2020-12827 was published for mjml (npm) May 24, 2022
HashBrown CMS Directory Traversal High
CVE-2020-5840 was published for hashbrown-cms (npm) May 24, 2022
Total.js CMS Path Traversal High
CVE-2019-15952 was published for total4 (npm) May 24, 2022
jqueryFileTree vulnerable to Directory Traversal High
CVE-2017-1000170 was published for jqueryfiletree (npm) May 13, 2022
Path Traversal: 'dir/../../filename' in moment.locale High
CVE-2022-24785 was published for Moment.js (npm) Apr 4, 2022
Path Traversal in @finastra/ssr-pages High
CVE-2022-24718 was published for @finastra/ssr-pages (npm) Mar 1, 2022
kronoshadow
Path Traversal in Yarn High
CVE-2020-8131 was published for yarn (npm) Feb 9, 2022
Path Traversal in convert-svg packages High
CVE-2021-23631 was published for convert-svg-core (npm) Jan 27, 2022
Path Traversal in http-server-node High
CVE-2021-23797 was published for http-server-node (npm) Jan 5, 2022
Path Traversal in @backstage/plugin-scaffolder-backend High
CVE-2021-43783 was published for @backstage/plugin-scaffolder-backend (npm) Dec 1, 2021
Path traversal in atlasboard High
CVE-2021-39109 was published for atlasboard (npm) Sep 2, 2021
Directory Traversal in startserver High
CVE-2021-23430 was published for startserver (npm) Sep 2, 2021
Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links High
CVE-2021-37701 was published for tar (npm) Aug 31, 2021
chen-robert ginkoid
levpachmanov
Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links High
CVE-2021-37712 was published for tar (npm) Aug 31, 2021
JarLob chen-robert
ginkoid levpachmanov
Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization High
CVE-2021-37713 was published for tar (npm) Aug 31, 2021
JarLob chen-robert
ginkoid
Arbitrary File Creation/Overwrite due to insufficient absolute path sanitization High
CVE-2021-32804 was published for tar (npm) Aug 3, 2021
ginkoid chen-robert
Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning High
CVE-2021-32803 was published for tar (npm) Aug 3, 2021
ginkoid chen-robert
levpachmanov
Path Traversal in browserless-chrome High
CVE-2020-7758 was published for browserless-chrome (npm) May 10, 2021
Path Traversal in marked-tree High
CVE-2020-7682 was published for marked-tree (npm) May 7, 2021
Path Traversal in marscode High
CVE-2020-7681 was published for marscode (npm) May 7, 2021
Path traversal in servey High
CVE-2020-8214 was published for servey (npm) May 7, 2021
Path Traversal in node-red-contrib-huemagic High
CVE-2021-25864 was published for node-red-contrib-huemagic (npm) Apr 13, 2021
Path traversal in Node-RED-Dashboard High
CVE-2021-3223 was published for node-red-dashboard (npm) Jan 29, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database