GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
107 advisories
Filter by severity
Spark allows remote attackers to read arbitrary files via a .. (dot dot) in the URI
High
CVE-2016-9177
was published
for
com.sparkjava:spark-core
(Maven)
Oct 4, 2018
Pivotal Spring Framework Paths provided to the ResourceServlet were not properly sanitized
High
CVE-2016-9878
was published
for
org.springframework:spring-webmvc
(Maven)
Oct 4, 2018
In blynk-server a Directory Traversal exists
High
CVE-2018-17785
was published
for
com.github.blynkkk:blynk-server
(Maven)
Oct 17, 2018
Unzip function in ZipUtil.java in Hutool allows remote attackers to overwrite arbitrary files via directory traversal
High
CVE-2018-17297
was published
for
cn.hutool:hutool-all
(Maven)
Oct 17, 2018
Improper Limitation of a Pathname ('Path Traversal') in org.apache.solr:solr-core
High
CVE-2017-3163
was published
for
org.apache.solr:solr-core
(Maven)
Oct 18, 2018
High severity vulnerability that affects org.dspace:dspace-xmlui
High
CVE-2016-10726
was published
for
org.dspace:dspace-xmlui
(Maven)
Oct 19, 2018
Path Traversal in minsoft:ms-mcms
High
CVE-2018-18831
was published
for
net.mingsoft:ms-mcms
(Maven)
Nov 1, 2018
XXL-CONF Path Traversal vulnerability
High
CVE-2018-20094
was published
for
com.xuxueli:xxl-conf-admin
(Maven)
Dec 19, 2018
Directory Traversal vulnerability in Square Retrofit
High
CVE-2018-1000850
was published
for
com.squareup.retrofit2:retrofit
(Maven)
Dec 21, 2018
Path Traversal in Hadoop
High
CVE-2018-8009
was published
for
org.apache.hadoop:hadoop-main
(Maven)
Dec 21, 2018
Improper Limitation of a Pathname ('Path Traversal') in org.apache.jspwiki:jspwiki-war
High
CVE-2019-0225
was published
for
org.apache.jspwiki:jspwiki-war
(Maven)
Apr 8, 2019
Path Traversal in Apache Camel
High
CVE-2019-0194
was published
for
org.apache.camel:camel-core
(Maven)
May 2, 2019
Path Traversal in DKPro Core
High
CVE-2019-11082
was published
for
de.tudarmstadt.ukp.dkpro.core:de.tudarmstadt.ukp.dkpro.core.api.datasets-asl
(Maven)
May 29, 2019
Path traversal attack on Windows platforms
High
CVE-2019-0207
was published
for
org.apache.tapestry:tapestry-core
(Maven)
Nov 18, 2019
Directory traversal attack in Spring Cloud Config
High
CVE-2020-5410
was published
for
org.springframework.cloud:spring-cloud-config-server
(Maven)
Jun 5, 2020
Directory Traversal in spring-boot-actuator-logview
High
CVE-2021-21234
was published
for
eu.hinsch:spring-boot-actuator-logview
(Maven)
Jan 5, 2021
Path Traversal in Apache Flink
High
CVE-2020-17519
was published
for
org.apache.flink:flink-runtime_2.11
(Maven)
Jan 6, 2021
Path Traversal in the Java Kubernetes Client
High
CVE-2020-8570
was published
for
io.kubernetes:client-java
(Maven)
Jan 29, 2021
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in micronaut-core
High
CVE-2021-32769
was published
for
io.micronaut:micronaut-http-server-netty
(Maven)
Jul 26, 2021
Directory traversal in Eclipse Mojarra
High
CVE-2020-6950
was published
for
org.glassfish:mojarra-parent
(Maven)
Sep 1, 2021
Path Traversal in com.linecorp.armeria:armeria
High
CVE-2021-43795
was published
for
com.linecorp.armeria:armeria
(Maven)
Dec 2, 2021
Path Traversal in Jenkins Warnings Next Generation Plugin
High
CVE-2022-23107
was published
for
io.jenkins.plugins:warnings-ng
(Maven)
Jan 21, 2022
Path Traversal
High
CVE-2020-14366
was published
for
org.keycloak:keycloak-parent
(Maven)
Feb 9, 2022
Upload of file to arbitrary path in Apache Flink
High
CVE-2020-17518
was published
for
org.apache.flink:flink-runtime
(Maven)
Feb 9, 2022
Path Traversal in Crafter CMS Crafter Studio
High
CVE-2017-15684
was published
for
org.craftercms:crafter-studio
(Maven)
Feb 9, 2022
ProTip!
Advisories are also available from the
GraphQL API