GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
210 advisories
Filter by severity
Stored Cross-site Scripting vulnerability in Jenkins Promoted Builds Plugin
High
CVE-2022-29045
was published
for
org.jenkins-ci.plugins:promoted-builds
(Maven)
Apr 13, 2022
Untrusted users can modify some Pipeline libraries in Jenkins Pipeline: Deprecated Groovy Libraries Plugin
High
CVE-2022-29047
was published
for
org.jenkins-ci.plugins.workflow:workflow-cps-global-lib
(Maven)
Apr 13, 2022
Stored Cross-site Scripting vulnerability in Jenkins Gerrit Trigger Plugin
High
CVE-2022-29039
was published
for
com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger
(Maven)
Apr 13, 2022
XXE vulnerability in Jenkins WebSphere Deployer Plugin
High
CVE-2020-2108
was published
for
org.jenkins-ci.plugins:websphere-deployer
(Maven)
May 24, 2022
Sandbox bypass vulnerability through implicitly allowlisted platform Groovy files in Jenkins Pipeline: Groovy Plugin
High
CVE-2022-30945
was published
for
org.jenkins-ci.plugins.workflow:workflow-cps
(Maven)
May 18, 2022
Missing Authorization in Jenkins SSH plugin
High
CVE-2022-30959
was published
for
org.jenkins-ci.plugins:ssh
(Maven)
May 18, 2022
Cross Site Request Forgery in Jenkins Storable Configs Plugin
High
CVE-2022-30972
was published
for
org.jvnet.hudson.plugins:storable-configs-plugin
(Maven)
May 18, 2022
Cross-site Scripting in Jenkins Rundeck Plugin
High
CVE-2022-30956
was published
for
org.jenkins-ci.plugins:rundeck
(Maven)
May 18, 2022
Cross-site Scripting in Jenkins Global Variable String Parameter Plugin
High
CVE-2022-30962
was published
for
org.jenkins-ci.plugins:global-variable-string-parameter
(Maven)
May 18, 2022
Cross site scripting in Jenkins Selection tasks Plugin
High
CVE-2022-30967
was published
for
org.jvnet.hudson.plugins:selection-tasks-plugin
(Maven)
May 18, 2022
Cross-site Scripting in Jenkins Autocomplete Parameter Plugin
High
CVE-2022-30970
was published
for
org.jenkins-ci.plugins:autocomplete-parameter
(Maven)
May 18, 2022
Cross-site Scripting in Jenkins Application Detector Plugin
High
CVE-2022-30960
was published
for
org.jenkins-ci.plugins:app-detector
(Maven)
May 18, 2022
Cross-site Scripting in Jenkins vboxwrapper Plugin
High
CVE-2022-30968
was published
for
org.jenkins-ci.plugins:vboxwrapper
(Maven)
May 18, 2022
Cross-site Scripting in Jenkins JDK Parameter Plugin
High
CVE-2022-30963
was published
for
org.jenkins-ci.plugins:JDK_Parameter_Plugin
(Maven)
May 18, 2022
XML External Entity Reference in Jenkins Storable Configs Plugin
High
CVE-2022-30971
was published
for
org.jvnet.hudson.plugins:storable-configs-plugin
(Maven)
May 18, 2022
Cross Site Request Forgery in Jenkins SSH Plugin
High
CVE-2022-30958
was published
for
org.jenkins-ci.plugins:ssh
(Maven)
May 18, 2022
Cross-site Scripting in Jenkins Multiselect parameter Plugin
High
CVE-2022-30964
was published
for
io.jenkins.plugins:multiselect-parameter
(Maven)
May 18, 2022
Cross-site Scripting in Jenkins Autocomplete Parameter Plugin
High
CVE-2022-30961
was published
for
org.jenkins-ci.plugins:autocomplete-parameter
(Maven)
May 18, 2022
Cross-Site Request Forgery in Jenkins Autocomplete Parameter Plugin
High
CVE-2022-30969
was published
for
org.jenkins-ci.plugins:autocomplete-parameter
(Maven)
May 18, 2022
Stored Cross-site Scripting vulnerabilities in Jenkins promoted Builds (Simple) plugin providing additional parameter types
High
CVE-2022-30965
was published
for
org.jenkins-ci.plugins:promoted-builds-simple
(Maven)
May 18, 2022
Missing Authorization in Jenkins Recipe Plugin
High
CVE-2022-34794
was published
for
org.jenkins-ci.plugins:recipe
(Maven)
Jul 1, 2022
Cross-Site Request Forgery in Jenkins Recipe Plugin
High
CVE-2022-34792
was published
for
org.jenkins-ci.plugins:recipe
(Maven)
Jul 1, 2022
Stored XSS vulnerability in Jenkins Maven Metadata Plugin for Jenkins CI server plugin
High
CVE-2022-36905
was published
for
eu.markov.jenkins.plugin.mvnmeta:maven-metadata-plugin
(Maven)
Jul 28, 2022
Cross-site Scripting in Jenkins Rich Text Publisher Plugin
High
CVE-2022-34786
was published
for
org.jenkins-ci.plugins:rich-text-publisher-plugin
(Maven)
Jul 1, 2022
Cross-site Scripting in Jenkins Validating Email Parameter Plugin
High
CVE-2022-34791
was published
for
io.jenkins.plugins:validating-email-parameter
(Maven)
Jul 1, 2022
ProTip!
Advisories are also available from the
GraphQL API