GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
102 advisories
Improper Limitation of a Pathname to a Restricted Directory in Fabric8 Kubernetes Client
High
CVE-2021-20218 was published for io.fabric8:kubernetes-client (Maven) on May 24, 2022
Path traversal vulnerability in Jenkins agent names
High
CVE-2021-21605 was published for org.jenkins-ci.main:jenkins-core (Maven) on May 24, 2022
Jenkins Support Core Plugin allowed users with Overall/Read permission to delete arbitrary files
High
CVE-2019-16540 was published for org.jenkins-ci.plugins:support-core (Maven) on May 24, 2022
Mule modules contain Directory Traversal
High
CVE-2019-15630 was published for org.mule.runtime:mule (Maven) on May 24, 2022
Path traversal in Gitblit
High
CVE-2022-31268 was published for com.gitblit:gitblit (Maven) on May 22, 2022
Path traversal in Jenkins Git Mercurial and Repo Plugins
High
CVE-2022-30947 was published for org.jenkins-ci.plugins:git (Maven) on May 18, 2022
Path Traversal in Apache Jetspeed
High
CVE-2016-0709 was published for org.apache.portals.jetspeed-2:jetspeed (Maven) on May 17, 2022
Path Traversal in Apache Atlas
High
CVE-2016-8752 was published for org.apache.atlas:atlas-common (Maven) on May 17, 2022
Apache Storm log viewer path traversal vulnerability
High
CVE-2014-0115 was published for org.apache.storm:storm (Maven) on May 17, 2022
Apache ODE Path Traversal vulnerability
High
CVE-2018-1316 was published for org.apache.ode:ode (Maven) on May 14, 2022
Path Traversal in OWASP Dependency-Check
High
CVE-2018-12036 was published for org.owasp:dependency-check-maven (Maven) on May 14, 2022
Path Traversal in Eclipse Mojarra
High
CVE-2018-14371 was published for org.glassfish:mojarra-parent (Maven) on May 14, 2022
Apache Geronimo Application Server multiple directory traversal vulnerabilities
High
CVE-2008-5518 was published for org.apache.geronimo.plugins:console (Maven) on May 14, 2022
Asset Pipeline plugin for Grails vulnerable to Path Traversal
High
CVE-2018-17605 was published for org.grails.plugins:asset-pipeline (Maven) on May 14, 2022
RDF4J vulnerable to zip slip
High
CVE-2018-20227 was published for org.eclipse.rdf4j:rdf4j (Maven) on May 14, 2022
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat
High
CVE-2017-7675 was published for org.apache.tomcat:tomcat (Maven) on May 14, 2022
Asset Pipeline Grails Plugin vulnerable to Path Traversal
High
CVE-2018-1000817 was published for org.grails.plugins:asset-pipeline (Maven) on May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in Jenkins
High
CVE-2018-1000863 was published for org.jenkins-ci.main:jenkins-core (Maven) on May 13, 2022
Path Traversal in io.hawt:project
High
CVE-2017-2594 was published for io.hawt:project (Maven) on May 13, 2022
Play Framework's Assets controller vulnerable to directory traversal
High
CVE-2018-13864 was published for com.typesafe.play:play_2.12 (Maven) on May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in Jboss EAP Undertow
High
CVE-2018-1048 was published for org.jboss.eap:wildfly-undertow (Maven) on May 13, 2022
Path Traversal in Jenkins
High
CVE-2018-1000194 was published for org.jenkins-ci.main:jenkins-core (Maven) on May 13, 2022
Arbitrary filesystem write access from velocity.
High
CVE-2022-24897 was published for org.xwiki.commons:xwiki-commons-velocity (Maven) on Apr 28, 2022
Path traversal in the OWASP Enterprise Security API
High
CVE-2022-23457 was published for org.owasp.esapi:esapi (Maven) on Apr 27, 2022
Path Traversal in Caucho Resin
High
CVE-2021-44138 was published for com.caucho:resin (Maven) on Apr 5, 2022
ProTip! Advisories are also available from the GraphQL API.