GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
210 advisories
Filter by severity
Stored XSS vulnerability in Jenkins Walti plugin
High
CVE-2022-41240
was published
for
org.jenkins-ci.plugins:walti
(Maven)
Sep 22, 2022
Jenkins Anchore Container Image Scanner Plugin vulnerable to cross site scripting
High
CVE-2022-41225
was published
for
org.jenkins-ci.plugins:anchore-container-scanner
(Maven)
Sep 22, 2022
Jenkins NS-ND Integration Performance Publisher Plugin vulnerable to Cross-site Scripting
High
CVE-2022-41229
was published
for
io.jenkins.plugins:cavisson-ns-nd-integration
(Maven)
Sep 22, 2022
RCE vulnerability in Jenkins DotCi Plugin
High
CVE-2022-41237
was published
for
com.groupon.jenkins-ci.plugins:DotCi
(Maven)
Sep 22, 2022
Jenkins vulnerable to stored cross site scripting in the I:helpIcon component
High
CVE-2022-41224
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
Sep 22, 2022
Jenkins Compuware Common Configuration Plugin vulnerable to Improper Restriction of XML External Entity Reference
High
CVE-2022-41226
was published
for
com.compuware.jenkins:compuware-common-configuration
(Maven)
Sep 22, 2022
Stored XSS vulnerability in Jenkins Maven Metadata Plugin for Jenkins CI server plugin
High
CVE-2022-36905
was published
for
eu.markov.jenkins.plugin.mvnmeta:maven-metadata-plugin
(Maven)
Jul 28, 2022
Jenkins Coverity Plugin vulnerable to cross-site request forgery (CSRF)
High
CVE-2022-36920
was published
for
org.jenkins-ci.plugins:coverity
(Maven)
Jul 28, 2022
Missing permission check in Coverity Plugin allows capturing credentials
High
CVE-2022-36921
was published
for
org.jenkins-ci.plugins:coverity
(Maven)
Jul 28, 2022
Arbitrary file write vulnerability in Jenkins CLIF Performance Testing plugin
High
CVE-2022-36894
was published
for
org.jenkins-ci.plugins:clif-performance-testing
(Maven)
Jul 28, 2022
Stored XSS vulnerability in Jenkins Dynamic Extended Choice Parameter plugin
High
CVE-2022-36902
was published
for
com.moded.extendedchoiceparameter:dynamic_extended_choice_parameter
(Maven)
Jul 28, 2022
Missing Authorization in Jenkins Recipe Plugin
High
CVE-2022-34794
was published
for
org.jenkins-ci.plugins:recipe
(Maven)
Jul 1, 2022
Cross-site Scripting in Jenkins Rich Text Publisher Plugin
High
CVE-2022-34786
was published
for
org.jenkins-ci.plugins:rich-text-publisher-plugin
(Maven)
Jul 1, 2022
Cross-site Scripting in Jenkins Validating Email Parameter Plugin
High
CVE-2022-34791
was published
for
io.jenkins.plugins:validating-email-parameter
(Maven)
Jul 1, 2022
Cross-Site Request Forgery in Jenkins Recipe Plugin
High
CVE-2022-34792
was published
for
org.jenkins-ci.plugins:recipe
(Maven)
Jul 1, 2022
Cross-site Scripting in Jenkins Deployment Dashboard Plugin
High
CVE-2022-34795
was published
for
org.jenkins-ci.plugins:ec2-deployment-dashboard
(Maven)
Jul 1, 2022
XML External Entity Reference in Jenkins Recipe Plugin
High
CVE-2022-34793
was published
for
org.jenkins-ci.plugins:recipe
(Maven)
Jul 1, 2022
Cross-site Scripting in Jenkins Plot Plugin
High
CVE-2022-34783
was published
for
org.jenkins-ci.plugins:plot
(Maven)
Jul 1, 2022
Cross-site Scripting in Jenkins GitLab Plugin
High
CVE-2022-34777
was published
for
org.jenkins-ci.plugins:gitlab-plugin
(Maven)
Jul 1, 2022
Cross site scripting in Jenkins build-metrics Plugin
High
CVE-2022-34784
was published
for
org.jenkins-ci.plugins:build-metrics
(Maven)
Jul 1, 2022
Cross-site Scripting in Jenkins TestNG Results Plugin
High
CVE-2022-34778
was published
for
org.jenkins-ci.plugins:testng-plugin
(Maven)
Jul 1, 2022
Cross-site Scripting in Jenkins eXtreme Feedback Panel Plugin
High
CVE-2022-34790
was published
for
org.jenkins-ci.plugins:xfpanel
(Maven)
Jul 1, 2022
Jenkins Matrix Reloaded Plugin vulnerable to Stored XSS
High
CVE-2022-34788
was published
for
net.praqma:matrix-reloaded
(Maven)
Jul 1, 2022
Jenkins Project Inheritance Plugin vulnerable to cross site scripting
High
CVE-2022-34787
was published
for
hudson.plugins:project-inheritance
(Maven)
Jul 1, 2022
Cross-site Scripting in Jenkins Stash Branch Parameter Plugin
High
CVE-2022-34198
was published
for
org.jenkins-ci.plugins:StashBranchParameter
(Maven)
Jun 24, 2022
ProTip!
Advisories are also available from the
GraphQL API