GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
15 advisories
Filter by severity
mlflow is vulnerable to remote file access in `mlflow server` and `mlflow ui` CLIs
Critical
CVE-2023-1177
was published
for
mlflow
(pip)
Mar 24, 2023
mlflow Path Traversal vulnerability
Critical
CVE-2023-2780
was published
for
mlflow
(pip)
May 17, 2023
MLflow Local File Disclosure Vulnerability
High
CVE-2023-6977
was published
for
mlflow
(pip)
Dec 20, 2023
MLFlow Path Traversal Vulnerability
Critical
CVE-2023-6975
was published
for
mlflow
(pip)
Dec 20, 2023
mlflow vulnerable to Path Traversal
Critical
CVE-2024-3573
was published
for
mlflow
(pip)
Apr 16, 2024
MLflow has a Local File Read/Path Traversal bypass
High
CVE-2024-3848
was published
for
mlflow
(pip)
May 16, 2024
Remote Code Execution via path traversal bypass in lollms
Critical
CVE-2024-5443
was published
for
lollms
(pip)
Jun 22, 2024
lollms vulnerable to dot-dot-slash path traversal in XTTS server
High
CVE-2024-6139
was published
for
lollms
(pip)
Jun 27, 2024
ProTip!
Advisories are also available from the
GraphQL API