GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,168
Erlang
30
GitHub Actions
19
Go
1,978
Maven
5,000+
npm
3,698
NuGet
656
pip
3,315
Pub
11
RubyGems
882
Rust
832
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,030 advisories
Filter by severity
Directory Traversal in jn_jj_server
High
CVE-2017-16210
was published
for
jn_jj_server
(npm)
Jul 23, 2018
Directory Traversal in fbr-client
High
CVE-2017-16217
was published
for
fbr-client
(npm)
Jul 23, 2018
Directory Traversal in dgard8.lab6
High
CVE-2017-16218
was published
for
dgard8.lab6
(npm)
Jul 23, 2018
Path Traversal in crud-file-server
High
CVE-2018-3733
was published
for
crud-file-server
(npm)
Jul 18, 2018
Diffoscope may write to arbitrary locations due to an untrusted archive
Critical
CVE-2017-0359
was published
for
diffoscope
(pip)
Jul 13, 2018
Sprockets path traversal leads to information leak
High
CVE-2018-3760
was published
for
sprockets
(RubyGems)
Jun 20, 2018
Sinatra Path Traversal vulnerability
Moderate
CVE-2018-7212
was published
for
sinatra
(RubyGems)
Feb 20, 2018
Directory traversal vulnerability in Next.js
High
CVE-2018-6184
was published
for
next
(npm)
Jan 24, 2018
Arbitrary file read vulnerability in yard server
High
CVE-2017-17042
was published
for
yard
(RubyGems)
Dec 21, 2017
Next.js Directory Traversal Vulnerability
High
CVE-2017-16877
was published
for
next
(npm)
Dec 5, 2017
Mail Gem Path Traversal vulnerability
Moderate
CVE-2012-2139
was published
for
mail
(RubyGems)
Oct 24, 2017
Wicked gem contains Path traversal vulnerability
Moderate
CVE-2013-4413
was published
for
wicked
(RubyGems)
Oct 24, 2017
Rack Vulnerable to Path Traversal
Moderate
CVE-2013-0262
was published
for
rack
(RubyGems)
Oct 24, 2017
Puppet vulnerable to Path Traversal
Low
CVE-2012-3865
was published
for
puppet
(RubyGems)
Oct 24, 2017
sprockets vulnerable to Path Traversal
Moderate
CVE-2014-7819
was published
for
sprockets
(RubyGems)
Oct 24, 2017
actionpack Path Traversal vulnerability
Moderate
CVE-2014-0130
was published
for
actionpack
(RubyGems)
Oct 24, 2017
actionpack vulnerable to Path Traversal
Moderate
CVE-2014-7818
was published
for
actionpack
(RubyGems)
Oct 24, 2017
Directory traversal vulnerability in actionpack
Moderate
CVE-2014-7829
was published
for
actionpack
(RubyGems)
Oct 24, 2017
ProTip!
Advisories are also available from the
GraphQL API