Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,785
Erlang
36
GitHub Actions
29
Go
2,358
Maven
5,000+
npm
3,979
NuGet
720
pip
3,777
Pub
12
RubyGems
924
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+

313 advisories

Loading
n8n Directory Traversal vulnerability Moderate
CVE-2023-27562 was published for n8n (npm) May 10, 2023
MarkLee131
m.static Directory Traversal vulnerability High
CVE-2023-26126 was published for m.static (npm) May 10, 2023
Path Traversal in Ghost High
CVE-2023-32235 was published for ghost (npm) May 5, 2023
Path traversal vulnerability in gatsby-plugin-sharp Moderate
CVE-2023-30548 was published for gatsby-plugin-sharp (npm) Apr 20, 2023
Arbitrary local file read vulnerability during template rendering High
CVE-2023-25345 was published for swig (npm) Mar 15, 2023
node-static and @nubosoftware/node-static vulnerable to Directory Traversal High
CVE-2023-26111 was published for @nubosoftware/node-static (npm) Mar 6, 2023
Unwanted access to the entire file system vulnerability due to a missing check in `staticFiles` HTTP handler Moderate
CVE-2025-27098 was published for @graphql-mesh/cli (npm) Feb 16, 2023
ardatan dotansimha
Path traversal vulnerability in glance Moderate
CVE-2022-25937 was published for glance (npm) Feb 13, 2023
lirantal
Servst vulnerable to Path Traversal High
CVE-2022-25936 was published for servst (npm) Jan 30, 2023
JSZip contains Path Traversal via loadAsync Moderate
CVE-2022-48285 was published for jszip (npm) Jan 29, 2023
Directory Traversal vulnerability in serve-lite High
CVE-2022-21192 was published for serve-lite (npm) Jan 26, 2023
lirantal
Path Traversal in web-node-server High
CVE-2020-36651 was published for web-node-server (npm) Jan 18, 2023
SimbCo httpster vulnerable to Path Traversal High
CVE-2020-36629 was published for httpster (npm) Dec 25, 2022
lite-dev-server vulnerable to Directory Traversal High
CVE-2022-25895 was published for lite-dev-server (npm) Dec 21, 2022
lirantal
easy-static-server vulnerable to Directory Traversal High
CVE-2022-25931 was published for easy-static-server (npm) Dec 20, 2022
lirantal
easywebpack-cli Path Traversal vulnerability Moderate
CVE-2020-24855 was published for @easy-team/easywebpack-cli (npm) Dec 15, 2022
static-dev-server vulnerable to path traversal High
CVE-2022-25848 was published for static-dev-server (npm) Nov 29, 2022
lirantal
Vite before v2.9.13 vulnerable to directory traversal via crafted URL to victim's service High
CVE-2022-35204 was published for vite (npm) Aug 19, 2022
dloetzke stypr
snyk-broker Path Traversal before v4.73.0 Moderate
CVE-2020-7649 was published for snyk-broker (npm) Jul 26, 2022
Directory traversal in convert-svg-core High
CVE-2022-24278 was published for convert-svg-core (npm) Jun 11, 2022
MJML vulnerable to path traversal High
CVE-2020-12827 was published for mjml (npm) May 24, 2022
HashBrown CMS Directory Traversal High
CVE-2020-5840 was published for hashbrown-cms (npm) May 24, 2022
Duplicate Advisory: Node CLI Allows Arbitrary File Overwrite Low
CVE-2016-1000021 was published for cli (npm) May 24, 2022 withdrawn
Total.js CMS Path Traversal High
CVE-2019-15952 was published for total4 (npm) May 24, 2022
jqueryFileTree vulnerable to Directory Traversal High
CVE-2017-1000170 was published for jqueryfiletree (npm) May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database