Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

358 advisories

Loading
OpenStack Nova Directory traversal vulnerability Moderate
CVE-2012-3360 was published for nova (pip) May 17, 2022
Buildah allows arbitrary directory mount Moderate
CVE-2024-9675 was published for github.com/containers/buildah (Go) Oct 9, 2024
Statamic CMS has a Path Traversal in Asset Upload Moderate
CVE-2024-52600 was published for statamic/cms (Composer) Nov 19, 2024
SamSchroderBSG
GitPython blind local file inclusion Moderate
CVE-2023-41040 was published for GitPython (pip) Aug 30, 2023
stsewd m3t3kh4n
EliahKagan
Path traversal in ubi-reader Moderate
CVE-2023-0591 was published for ubi-reader (pip) Jan 31, 2023
qkaiser
UBI Reader vulnerable to Path Traversal Moderate
CVE-2022-4572 was published for ubi-reader (pip) Dec 17, 2022
Client metadata path-traversal Moderate
CVE-2021-41131 was published for tuf (pip) Oct 19, 2021
jku
FitNesse Path Traversal Moderate
CVE-2024-42499 was published for org.fitnesse:fitnesse (Maven) Nov 15, 2024
Owncast Path Traversal vulnerability Moderate
CVE-2024-31450 was published for github.com/owncast/owncast (Go) Aug 5, 2024
JSZip contains Path Traversal via loadAsync Moderate
CVE-2022-48285 was published for jszip (npm) Jan 29, 2023
matrix-js-sdk has insufficient MXC URI validation which allows client-side path traversal Moderate
CVE-2024-50336 was published for matrix-js-sdk (npm) Nov 12, 2024
Moodle LFI vulnerability when restoring malformed block backups Moderate
CVE-2024-43440 was published for moodle/moodle (Composer) Nov 7, 2024
Gradio vulnerable to arbitrary file read with File and UploadButton components Moderate
CVE-2024-51751 was published for gradio (pip) Nov 6, 2024
ifratric
mapshaper Path Traversal vulnerability Moderate
CVE-2024-1163 was published for mapshaper (npm) Feb 13, 2024
JafarAkhondali
changedetection.io Path Traversal Moderate
CVE-2024-51483 was published for changedetection.io (pip) Nov 1, 2024
chasebowman-contrast
Langchain Path Traversal vulnerability Moderate
CVE-2024-7774 was published for langchain (npm) Oct 29, 2024
hinthornw
Jenkins HTML Publisher Plugin Path traversal vulnerability Moderate
CVE-2024-28151 was published for org.jenkins-ci.plugins:htmlpublisher (Maven) Mar 6, 2024
MPXJ has a Potential Path Traversal Vulnerability Moderate
CVE-2024-49771 was published for MPXJ.Net (RubyGems) Oct 28, 2024
Starlette has Path Traversal vulnerability in StaticFiles Moderate
CVE-2023-29159 was published for starlette (pip) May 17, 2023
aminalaee
S3Scanner allows Directory Traversal Moderate
CVE-2021-32061 was published for s3scanner (pip) Nov 30, 2021
Werkzeug safe_join not safe on Windows Moderate
CVE-2024-49766 was published for Werkzeug (pip) Oct 25, 2024
nvn1729
SaltStack Salt Directory Traversal vulnerability in salt-api Moderate
CVE-2018-15750 was published for salt (pip) May 13, 2022
Absolute path traversal vulnerability in digdag server Moderate
CVE-2024-25125 was published for io.digdag:digdag-server (Maven) Feb 14, 2024
p-
Directory Traversal in pyftpdlib Moderate
CVE-2007-6736 was published for pyftpdlib (pip) May 1, 2022
ProTip! Advisories are also available from the GraphQL API