Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

210 advisories

Loading
Content-Security-Policy protection for user content disabled by Jenkins NeuVector Vulnerability Scanner Plugin High
CVE-2022-43434 was published for io.jenkins.plugins:neuvector-vulnerability-scanner (Maven) Oct 19, 2022
NotMyFault
XXE vulnerability in Jenkins Compuware Topaz for Total Test Plugin High
CVE-2022-43430 was published for com.compuware.jenkins:compuware-topaz-for-total-test (Maven) Oct 19, 2022
NotMyFault
CSRF protection for any URL can be bypassed in Jenkins Pipeline: Input Step Plugin High
CVE-2022-43407 was published for org.jenkins-ci.plugins:pipeline-input-step (Maven) Oct 19, 2022
NotMyFault
Agent-to-controller security bypass vulnerabilities in Jenkins Compuware Topaz for Total Test Plugin High
CVE-2022-43428 was published for com.compuware.jenkins:compuware-topaz-for-total-test (Maven) Oct 19, 2022
NotMyFault
Jenkins JUnit Plugin subject to Cross-site Scripting via URL conversion High
CVE-2022-45380 was published for org.jenkins-ci.plugins:junit (Maven) Nov 16, 2022
NotMyFault
Cross-site Scripting in Jenkins Deployment Dashboard Plugin High
CVE-2022-34795 was published for org.jenkins-ci.plugins:ec2-deployment-dashboard (Maven) Jul 1, 2022
NotMyFault
Stored XSS vulnerability in Jenkins Contrast Continuous Application Security Plugin High
CVE-2022-43420 was published for org.jenkins-ci.plugins:contrast-continuous-application-security (Maven) Oct 19, 2022
NotMyFault
Cross-Site Request Forgery in Jenkins High
CVE-2020-2160 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault sunSUNQ
Cross-site Scripting vulnerability in Jenkins High
CVE-2022-34170 was published for org.jenkins-ci.main:jenkins-core (Maven) Jun 24, 2022
NotMyFault sunSUNQ
CSRF vulnerability and missing permission check in Jenkins JiraTestResultReporter Plugin High
CVE-2022-28136 was published for org.jenkins-ci.plugins:JiraTestResultReporter (Maven) Mar 30, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database