Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

65 advisories

Loading
JSZip contains Path Traversal via loadAsync Moderate
CVE-2022-48285 was published for jszip (npm) Jan 29, 2023
matrix-js-sdk has insufficient MXC URI validation which allows client-side path traversal Moderate
CVE-2024-50336 was published for matrix-js-sdk (npm) Nov 12, 2024
mapshaper Path Traversal vulnerability Moderate
CVE-2024-1163 was published for mapshaper (npm) Feb 13, 2024
JafarAkhondali
Langchain Path Traversal vulnerability Moderate
CVE-2024-7774 was published for langchain (npm) Oct 29, 2024
hinthornw
@saltcorn/server arbitrary file zip read and download when downloading auto backups Moderate
GHSA-277h-px4m-62q8 was published for @saltcorn/server (npm) Oct 3, 2024
dellalibera
@jmondi/url-to-png contains a Path Traversal vulnerability Moderate
CVE-2024-39918 was published for @jmondi/url-to-png (npm) Jul 15, 2024
realArcherL
Arbitrary file read via Playwright's screenshot feature exploiting file wrapper Moderate
CVE-2024-37169 was published for @jmondi/url-to-png (npm) Jun 5, 2024
timoxoszt jasonraimondi
Oceanic allows unsanitized user input to lead to path traversal in URLs Moderate
CVE-2024-34712 was published for oceanic.js (npm) May 14, 2024
Vendicated DonovanDMC
Nuckyz
Hono vulnerable to Restricted Directory Traversal in serveStatic with deno Moderate
CVE-2024-32869 was published for hono (npm) Apr 23, 2024
y0d3n
@hono/node-server cannot handle "double dots" in URL Moderate
CVE-2024-23340 was published for @hono/node-server (npm) Jan 23, 2024
Directory Traversal in evershop Moderate
CVE-2023-46497 was published for @evershop/evershop (npm) Dec 8, 2023
Directory Traversal in evershop Moderate
CVE-2023-46493 was published for @evershop/evershop (npm) Dec 8, 2023
Directory Traversal in Gladys Assistant Moderate
CVE-2023-47440 was published for gladys (npm) Dec 7, 2023
n8n Directory Traversal vulnerability Moderate
CVE-2023-27562 was published for n8n (npm) May 10, 2023
MarkLee131
Gatsby develop server has Local File Inclusion vulnerability Moderate
CVE-2023-34238 was published for gatsby (npm) Jun 9, 2023
Ghost vulnerable to arbitrary file read via symlinks in content import Moderate
CVE-2023-40028 was published for ghost (npm) Aug 15, 2023
ixSly
Cloudflare Wrangler directory traversal vulnerability Moderate
CVE-2023-3348 was published for wrangler (npm) Aug 3, 2023
@simonsmith/cypress-image-snapshothas fix for insecure snapshot file names Moderate
CVE-2023-38695 was published for @simonsmith/cypress-image-snapshot (npm) Aug 1, 2023
thib3113 simonsmith
Path traversal vulnerability in gatsby-plugin-sharp Moderate
CVE-2023-30548 was published for gatsby-plugin-sharp (npm) Apr 20, 2023
Arbitrary File Write via Archive Extraction in unzipper Moderate
CVE-2018-1002203 was published for unzipper (npm) Jul 27, 2018
Path Traversal in simplehttpserver Moderate
CVE-2018-16478 was published for simplehttpserver (npm) Dec 6, 2018
m-server Vulnerable to Directory Traversal Moderate
CVE-2018-16485 was published for m-server (npm) Feb 18, 2019
Arbitrary File Write in adm-zip Moderate
CVE-2018-1002204 was published for adm-zip (npm) Jul 27, 2018
ProTip! Advisories are also available from the GraphQL API