Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

63 advisories

Loading
NLTK Vulnerable To Path Traversal High
CVE-2019-14751 was published for nltk (pip) Aug 23, 2019
Path Traversal in Ansible High
CVE-2020-1737 was published for ansible (pip) Apr 20, 2021
Flask-Cors Directory Traversal vulnerability High
CVE-2020-25032 was published for Flask-Cors (pip) May 6, 2021
Path Traversal in Django High
CVE-2021-31542 was published for Django (pip) Jun 4, 2021
tdunlap607
Remote Code Execution via traversal in TAL expressions High
GHSA-rpcg-f9q6-2mq6 was published for Zope (pip) Jun 8, 2021
Path Traversal in pip High
CVE-2019-20916 was published for pip (pip) Jun 9, 2021
Path Traversal in Zope High
CVE-2021-32674 was published for Zope (pip) Jun 10, 2021
Path Traversal in Zope High
CVE-2021-32633 was published for Zope (pip) Jun 15, 2021
Directory traversal in mkdocs High
CVE-2021-40978 was published for mkdocs (pip) Oct 12, 2021
Client metadata path-traversal High
CVE-2021-41131 was published for tuf (pip) Oct 19, 2021
jku
Directory Traversal in Babel High
CVE-2021-42771 was published for babel (pip) Oct 21, 2021
Maliciously Crafted Model Archive Can Lead To Arbitrary File Write High
CVE-2021-41127 was published for rasa (pip) Oct 22, 2021
Path traversal in Matrix Synapse High
CVE-2021-41281 was published for matrix-synapse (pip) Nov 23, 2021
Arbitrary file reading vulnerability in Aim High
CVE-2021-43775 was published for aim (pip) Nov 23, 2021
haby0
Files on the host computer can be accessed from the Gradio interface High
CVE-2021-43831 was published for gradio (pip) Jan 21, 2022
haby0
CherryPy Directory traversal vulnerability High
CVE-2006-0847 was published for cherrypy (pip) May 1, 2022
CherryPy Malicious cookies allow access to files outside the session directory High
CVE-2008-0252 was published for cherrypy (pip) May 1, 2022
anonymous4ACL24
Django Admin Media Handler Vulnerable to Directory Traversal High
CVE-2009-2659 was published for Django (pip) May 2, 2022
uWSGI Directory Traversal vulnerability High
CVE-2018-7490 was published for uWSGI (pip) May 14, 2022
Sanic arbitrary file read and directory traversal High
CVE-2017-16762 was published for sanic (pip) May 17, 2022
Django Directory Traversal via ssi template tag High
CVE-2013-4315 was published for django (pip) May 17, 2022
Tryton Directory Traversal vulnerability High
CVE-2013-4510 was published for trytond (pip) May 17, 2022
Pallets Werkzeug vulnerable to Path Traversal High
CVE-2019-14322 was published for werkzeug (pip) May 24, 2022
sanic vulnerable to Path Traversal when using `app.static` if using encoded `%2F` URLs High
CVE-2022-35920 was published for sanic (pip) Aug 6, 2022
rdiffweb Path Traversal vulnerability High
CVE-2022-3389 was published for rdiffweb (pip) Oct 6, 2022
ProTip! Advisories are also available from the GraphQL API