Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,901
Maven
5,000+
npm
3,631
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

62 advisories

Loading
Composio Path Traversal vulnerability Moderate
CVE-2024-8865 was published for composio-core (pip) Sep 16, 2024
Mage AI Path Traversal vulnerability Moderate
CVE-2024-45188 was published for mage-ai (pip) Aug 23, 2024
Mage AI Path Traversal vulnerability Moderate
CVE-2024-45189 was published for mage-ai (pip) Aug 23, 2024
Path traveral in Streamlit on windows Moderate
CVE-2024-42474 was published for streamlit (pip) Aug 12, 2024
nvn1729
Directory creation by malicious user in saltstack Moderate
CVE-2024-22231 was published for salt (pip) Jun 27, 2024
CodeChecker has a Path traversal in `CodeChecker server` in the endpoint of `CodeChecker store` Moderate
CVE-2023-49793 was published for codechecker (pip) Jun 24, 2024
Discookie vodorok
whisperity Szelethus bruntib
langchain vulnerable to path traversal Moderate
CVE-2024-3571 was published for langchain (pip) Apr 16, 2024
Whoogle Search Path Traversal vulnerability Moderate
CVE-2024-22204 was published for whoogle-search (pip) Mar 14, 2024
aiohttp is vulnerable to directory traversal Moderate
CVE-2024-23334 was published for aiohttp (pip) Jan 29, 2024
lcttty solarpeng502
Ansible symlink attack vulnerability Moderate
CVE-2023-5115 was published for ansible (pip) Dec 28, 2023
TorchServe ZipSlip Moderate
CVE-2023-48299 was published for torchserve (pip) Nov 21, 2023
Ansible galaxy-importer Path Traversal vulnerability Moderate
CVE-2023-5189 was published for galaxy-importer (pip) Nov 15, 2023
Wagtail CRX CodeRed Extensions vulnerable to Path Traversal Moderate
CVE-2021-46897 was published for coderedcms (pip) Oct 22, 2023
Blind local file inclusion Moderate
CVE-2023-41040 was published for GitPython (pip) Aug 30, 2023
stsewd m3t3kh4n
EliahKagan
Pyramid static view path traversal up one directory Moderate
CVE-2023-40587 was published for pyramid (pip) Aug 25, 2023
Apache Airflow Path Traversal vulnerability Moderate
CVE-2023-22887 was published for apache-airflow (pip) Jul 12, 2023
sunSUNQ
pretalx vulnerable to path traversal in HTML export Moderate
CVE-2023-28459 was published for pretalx (pip) Apr 20, 2023
pretalx allows path traversal in HTML export Moderate
CVE-2023-28458 was published for pretalx (pip) Apr 20, 2023
pgAdmin 4 vulnerable to directory traversal Moderate
CVE-2023-0241 was published for pgadmin4 (pip) Mar 27, 2023
tripleo-ansible may disclose important configuration details from an OpenStack deployment Moderate
CVE-2022-3101 was published for tripleo-ansible (pip) Mar 23, 2023
tripleo-ansible may disclose important configuration details from an OpenStack deployment Moderate
CVE-2022-3146 was published for tripleo-ansible (pip) Mar 23, 2023
Path traversal in ubi-reader Moderate
CVE-2023-0591 was published for ubi-reader (pip) Jan 31, 2023
qkaiser
OpenStack Cinder, glance, and Nova vulnerable to Path Traversal Moderate
CVE-2022-47951 was published for cinder (pip) Jan 27, 2023
Path traversal in spotipy Moderate
CVE-2023-23608 was published for spotipy (pip) Jan 23, 2023
Shaderbug
GuardDog vulnerable to arbitrary file write when scanning a specially-crafted remote PyPI package Moderate
CVE-2022-23530 was published for guarddog (pip) Dec 5, 2022
Sim4n6
ProTip! Advisories are also available from the GraphQL API