GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
117 advisories
Filter by severity
path traversal in Jooby
Moderate
CVE-2020-7647
was published
for
io.jooby:jooby
(Maven)
May 13, 2020
Moderate severity vulnerability that affects com.sparkjava:spark-core
Moderate
CVE-2018-9159
was published
for
com.sparkjava:spark-core
(Maven)
Oct 19, 2018
Moderate severity vulnerability that affects org.apache.karaf:apache-karaf and org.apache.karaf:karaf
Moderate
CVE-2019-0191
was published
for
org.apache.karaf:apache-karaf
(Maven)
Mar 25, 2019
Moderate severity vulnerability that affects org.apache.tika:tika-core
Moderate
CVE-2018-11762
was published
for
org.apache.tika:tika-core
(Maven)
Oct 17, 2018
Directory traversal in Apache RocketMQ
Moderate
CVE-2019-17572
was published
for
org.apache.rocketmq:rocketmq-broker
(Maven)
Jul 1, 2020
Path traversal in Jenkins Phoenix AutoTest Plugin
Moderate
CVE-2022-28156
was published
for
com.surenpi.jenkins:phoenix-autotest
(Maven)
Mar 30, 2022
Improper Limitation of a Pathname to a Restricted Directory in zt-zip
Moderate
CVE-2018-1002201
was published
for
org.zeroturnaround:zt-zip
(Maven)
May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in JCraft JSch
Moderate
CVE-2016-5725
was published
for
com.jcraft:jsch
(Maven)
May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in Elasticsearch
Moderate
CVE-2015-5531
was published
for
org.elasticsearch:elasticsearch
(Maven)
May 14, 2022
Improper Limitation of a Pathname to a Restricted Directory in plexus-archiver
Moderate
CVE-2018-1002200
was published
for
org.codehaus.plexus:plexus-archiver
(Maven)
May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat
Moderate
CVE-2015-5174
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Improper Limitation of a Pathname to a Restricted Directory in WildFly
Moderate
CVE-2018-10862
was published
for
org.wildfly.core:wildfly-server
(Maven)
May 14, 2022
Improper Limitation of a Pathname to a Restricted Directory in JBoss Undertow
Moderate
CVE-2014-7816
was published
for
io.undertow:undertow-core
(Maven)
May 17, 2022
Improper Limitation of a Pathname to a Restricted Directory in Zip4j
Moderate
CVE-2018-1002202
was published
for
net.lingala.zip4j:zip4j
(Maven)
May 13, 2022
Improper Limitation of a Pathname to a Restricted Directory in Elasticsearch
Moderate
CVE-2015-3337
was published
for
org.elasticsearch:elasticsearch
(Maven)
May 17, 2022
Improper Limitation of a Pathname to a Restricted Directory in Jenkins Google OAuth Credentials Plugin
Moderate
CVE-2019-10436
was published
for
org.jenkins-ci.plugins:google-oauth-plugin
(Maven)
May 24, 2022
Neo4j Graph apoc plugins Partial Path Traversal Vulnerability
Moderate
CVE-2022-37423
was published
for
org.neo4j.procedure:apoc
(Maven)
Aug 12, 2022
Path Traversal In Eclipse GlassFish
Moderate
CVE-2022-2712
was published
for
org.glassfish.main.web:web
(Maven)
Jan 27, 2023
Path Traversal in Gravitee API Management
Moderate
CVE-2019-25075
was published
for
io.gravitee.apim:gravitee-api-management
(Maven)
Aug 24, 2022
Jenkins HTML Publisher Plugin path traversal vulnerability
Moderate
CVE-2018-1000175
was published
for
org.jenkins-ci.plugins:htmlpublisher
(Maven)
May 14, 2022
Apache Karaf vulnerable to relative path traversal
Moderate
CVE-2019-0226
was published
for
org.apache.karaf.config:org.apache.karaf.config.core
(Maven)
May 24, 2022
Arbitrary file read vulnerability in Copy data to workspace Jenkins Plugin
Moderate
CVE-2020-2275
was published
for
org.jvnet.hudson.plugins:copy-data-to-workspace-plugin
(Maven)
May 24, 2022
Arbitrary file read vulnerability in Jenkins Persona Plugin
Moderate
CVE-2020-2293
was published
for
org.jenkins-ci.plugins:persona
(Maven)
May 24, 2022
Path Traversal in Apache Oozie
Moderate
CVE-2017-15712
was published
for
org.apache.oozie:oozie-core
(Maven)
May 14, 2022
MPXJ path Traversal vulnerability
Moderate
CVE-2020-35460
was published
for
net.sf.mpxj:mpxj
(Maven)
Dec 18, 2020
ProTip!
Advisories are also available from the
GraphQL API