Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

405 advisories

Loading
Symlink Arbitrary File Overwrite in tar High
CVE-2015-8860 was published for tar (npm) Oct 24, 2017
Jekyll allows attackers to access arbitrary files by specifying a symlink High
CVE-2018-17567 was published for jekyll (RubyGems) Sep 28, 2018
Link Following in ansible High
CVE-2016-3096 was published for ansible (pip) Oct 10, 2018
Arbitrary File Overwrite in tar High
CVE-2018-20834 was published for tar (npm) May 1, 2019
Arbitrary File Overwrite in fstream High
CVE-2019-13173 was published for fstream (npm) May 30, 2019
Arbitrary File Write in npm High
CVE-2019-16775 was published for npm (npm) Dec 13, 2019
DanielRuf
Remote Code Execution in SCIMono High
CVE-2021-21479 was published for com.sap.scimono:scimono-server (Maven) Feb 10, 2021
Directory Traversal in Archive_Tar High
CVE-2021-32610 was published for pear/archive_tar (Composer) Aug 9, 2021
Arbitrary file overwrite in tar-rs High
CVE-2018-20990 was published for tar (Rust) Aug 25, 2021
tdunlap607
Permissions bypass in pleaser High
CVE-2021-31154 was published for pleaser (Rust) Aug 25, 2021
another-rex
UNIX Symbolic Link (Symlink) Following in @npmcli/arborist High
CVE-2021-39135 was published for @npmcli/arborist (npm) Aug 31, 2021
JarLob KateCatlin
@npmcli/arborist vulnerable to UNIX Symbolic Link (Symlink) Following High
CVE-2021-39134 was published for @npmcli/arborist (npm) Aug 31, 2021
ginkoid chen-robert
Windows Setup Elevation of Privilege Vulnerability High Unreviewed
CVE-2021-43237 was published Dec 16, 2021
Link Following in Iris High
CVE-2021-23772 was published for github.com/kataras/iris (Go) Jan 6, 2022
kataras
ProTip! Advisories are also available from the GraphQL API