Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,785
Erlang
36
GitHub Actions
29
Go
2,367
Maven
5,000+
npm
3,986
NuGet
720
pip
3,778
Pub
12
RubyGems
926
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+

111 advisories

Loading
Partial Path Traversal in com.amazonaws:aws-java-sdk-s3 High
CVE-2022-31159 was published for com.amazonaws:aws-java-sdk-s3 (Maven) Jul 15, 2022
JLLeitschuh
Arbitrary file write vulnerability in Jenkins Pipeline: Input Step Plugin High
CVE-2022-34177 was published for org.jenkins-ci.plugins:pipeline-input-step (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting vulnerability in Jenkins High
CVE-2022-34172 was published for org.jenkins-ci.main:jenkins-core (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting vulnerability in Jenkins High
CVE-2022-34170 was published for org.jenkins-ci.main:jenkins-core (Maven) Jun 24, 2022
NotMyFault sunSUNQ
Cross-site Scripting vulnerability in Jenkins High
CVE-2022-34173 was published for org.jenkins-ci.main:jenkins-core (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting vulnerability in Jenkins High
CVE-2022-34171 was published for org.jenkins-ci.main:jenkins-core (Maven) Jun 24, 2022
NotMyFault
User account escalation in Apache Hadoop High
CVE-2021-33036 was published for org.apache.hadoop:hadoop-yarn-server-common (Maven) Jun 16, 2022
Path traversal in CureKit High
CVE-2022-23082 was published for io.whitesource:curekit (Maven) Jun 1, 2022
Improper Limitation of a Pathname to a Restricted Directory in Fabric8 Kubernetes Client High
CVE-2021-20218 was published for io.fabric8:kubernetes-client (Maven) May 24, 2022
Path traversal vulnerability in Jenkins agent names High
CVE-2021-21605 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Jenkins Support Core Plugin allowed users with Overall/Read permission to delete arbitrary files High
CVE-2019-16540 was published for org.jenkins-ci.plugins:support-core (Maven) May 24, 2022
Mule modules contain Directory Traversal High
CVE-2019-15630 was published for org.mule.runtime:mule (Maven) May 24, 2022
Path traversal in Gitblit High
CVE-2022-31268 was published for com.gitblit:gitblit (Maven) May 22, 2022
Path traversal in Jenkins Git Mercurial and Repo Plugins High
CVE-2022-30947 was published for org.jenkins-ci.plugins:git (Maven) May 18, 2022
NotMyFault
Path Traversal in Apache Jetspeed High
CVE-2016-0709 was published for org.apache.portals.jetspeed-2:jetspeed (Maven) May 17, 2022
Path Traversal in Apache Atlas High
CVE-2016-8752 was published for org.apache.atlas:atlas-common (Maven) May 17, 2022
Apache Storm log viewer path traversal vulnerability High
CVE-2014-0115 was published for org.apache.storm:storm (Maven) May 17, 2022
Apache ODE Path Traversal vulnerability High
CVE-2018-1316 was published for org.apache.ode:ode (Maven) May 14, 2022
Path Traversal in OWASP Dependency-Check High
CVE-2018-12036 was published for org.owasp:dependency-check-maven (Maven) May 14, 2022
Path Traversal in Eclipse Mojarra High
CVE-2018-14371 was published for org.glassfish:mojarra-parent (Maven) May 14, 2022
Apache Geronimo Application Server multiple directory traversal vulnerabilities High
CVE-2008-5518 was published for org.apache.geronimo.plugins:console (Maven) May 14, 2022
MarkLee131
Asset Pipeline plugin for Grails vulnerable to Path Traversal High
CVE-2018-17605 was published for org.grails.plugins:asset-pipeline (Maven) May 14, 2022
RDF4J vulnerable to zip slip High
CVE-2018-20227 was published for org.eclipse.rdf4j:rdf4j (Maven) May 14, 2022
MarkLee131
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat High
CVE-2017-7675 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
tdunlap607
Asset Pipeline Grails Plugin vulnerable to Path Traversal High
CVE-2018-1000817 was published for org.grails.plugins:asset-pipeline (Maven) May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database