GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
534 advisories
mindsdb arbitrary file write when extracting a remotely retrieved Tarball
High
CVE-2023-30620
was published
for
mindsdb
(pip)
Mar 30, 2023
Go-huge-util vulnerable to path traversal when unzipping files
High
CVE-2023-28105
was published
for
github.com/dablelv/go-huge-util
(Go)
Mar 16, 2023
HL7 FHIR Partial Path Zip Slip due to bypass of CVE-2023-24057
High
CVE-2023-28465
was published
for
ca.uhn.hapi.fhir:org.hl7.fhir.convertors
(Maven)
Mar 10, 2023
Goutil vulnerable to path traversal when unzipping files
High
CVE-2023-27475
was published
for
github.com/gookit/goutil
(Go)
Mar 7, 2023
mrpack-install vulnerable to path traversal with dependency
High
CVE-2023-25307
was published
for
github.com/nothub/mrpack-install
(Go)
Feb 8, 2023
Warp vulnerable to Path Traversal via Improper validation of Windows paths
High
GHSA-8v4j-7jgf-5rg9
was published
for
warp
(Rust)
Jan 31, 2023
Directory Traversal vulnerability in serve-lite
High
CVE-2022-21192
was published
for
serve-lite
(npm)
Jan 26, 2023
Yapscan's report receiver server vulnerable to path traversal and log injection
High
GHSA-9h6h-9g78-86f7
was published
for
github.com/fkie-cad/yapscan
(Go)
Dec 29, 2022
ProTip!
Advisories are also available from the
GraphQL API