GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
6,275 advisories
Filter by severity
Directory traversal vulnerability in RubyZip
Critical
CVE-2017-5946
was published
for
rubyzip
(RubyGems)
Oct 24, 2017
archive-tar-minitar and minitar vulnerable to Path Traversal
High
CVE-2016-10173
was published
for
archive-tar-minitar
(RubyGems)
Oct 24, 2017
Directory traversal vulnerability in Action View in Ruby on Rails
High
CVE-2016-0752
was published
for
actionpack
(RubyGems)
Oct 24, 2017
actionview contains Path Traversal vulnerability
Moderate
CVE-2016-2097
was published
for
actionpack
(RubyGems)
Oct 24, 2017
actionpack Path Traversal vulnerability
Moderate
CVE-2014-0130
was published
for
actionpack
(RubyGems)
Oct 24, 2017
sprockets vulnerable to Path Traversal
Moderate
CVE-2014-7819
was published
for
sprockets
(RubyGems)
Oct 24, 2017
Directory traversal vulnerability in actionpack
Moderate
CVE-2014-7829
was published
for
actionpack
(RubyGems)
Oct 24, 2017
actionpack vulnerable to Path Traversal
Moderate
CVE-2014-7818
was published
for
actionpack
(RubyGems)
Oct 24, 2017
Wicked gem contains Path traversal vulnerability
Moderate
CVE-2013-4413
was published
for
wicked
(RubyGems)
Oct 24, 2017
Rack Vulnerable to Path Traversal
Moderate
CVE-2013-0262
was published
for
rack
(RubyGems)
Oct 24, 2017
Puppet vulnerable to Path Traversal
Low
CVE-2012-3865
was published
for
puppet
(RubyGems)
Oct 24, 2017
Mail Gem Path Traversal vulnerability
Moderate
CVE-2012-2139
was published
for
mail
(RubyGems)
Oct 24, 2017
Next.js Directory Traversal Vulnerability
High
CVE-2017-16877
was published
for
next
(npm)
Dec 5, 2017
Arbitrary file read vulnerability in yard server
High
CVE-2017-17042
was published
for
yard
(RubyGems)
Dec 21, 2017
Directory traversal vulnerability in Next.js
High
CVE-2018-6184
was published
for
next
(npm)
Jan 24, 2018
Sinatra Path Traversal vulnerability
Moderate
CVE-2018-7212
was published
for
sinatra
(RubyGems)
Feb 20, 2018
Sprockets path traversal leads to information leak
High
CVE-2018-3760
was published
for
sprockets
(RubyGems)
Jun 20, 2018
Diffoscope may write to arbitrary locations due to an untrusted archive
Critical
CVE-2017-0359
was published
for
diffoscope
(pip)
Jul 13, 2018
Path Traversal in crud-file-server
High
CVE-2018-3733
was published
for
crud-file-server
(npm)
Jul 18, 2018
ProTip!
Advisories are also available from the
GraphQL API