GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,793
Erlang
29
GitHub Actions
16
Go
1,710
Maven
4,947
npm
3,475
NuGet
605
pip
3,001
Pub
10
RubyGems
828
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+
210 advisories
Filter by severity
Jenkins build-publisher plugin vulnerable to cross-site request forgery
High
CVE-2022-41232
was published
for
org.jenkins-ci.plugins:build-publisher
(Maven)
Sep 22, 2022
RCE vulnerability in Jenkins DotCi Plugin
High
CVE-2022-41237
was published
for
com.groupon.jenkins-ci.plugins:DotCi
(Maven)
Sep 22, 2022
Stored XSS vulnerability in Jenkins DotCi Plugin
High
CVE-2022-41239
was published
for
com.groupon.jenkins-ci.plugins:DotCi
(Maven)
Sep 22, 2022
Jenkins NS-ND Integration Performance Publisher Plugin vulnerable to Cross-site Scripting
High
CVE-2022-41229
was published
for
io.jenkins.plugins:cavisson-ns-nd-integration
(Maven)
Sep 22, 2022
Stored XSS vulnerability in Jenkins Walti plugin
High
CVE-2022-41240
was published
for
org.jenkins-ci.plugins:walti
(Maven)
Sep 22, 2022
Jenkins Anchore Container Image Scanner Plugin vulnerable to cross site scripting
High
CVE-2022-41225
was published
for
org.jenkins-ci.plugins:anchore-container-scanner
(Maven)
Sep 22, 2022
Stored XSS vulnerability in Jenkins Dynamic Extended Choice Parameter plugin
High
CVE-2022-36902
was published
for
com.moded.extendedchoiceparameter:dynamic_extended_choice_parameter
(Maven)
Jul 28, 2022
Stored XSS vulnerability in Jenkins Maven Metadata Plugin for Jenkins CI server plugin
High
CVE-2022-36905
was published
for
eu.markov.jenkins.plugin.mvnmeta:maven-metadata-plugin
(Maven)
Jul 28, 2022
Jenkins Coverity Plugin vulnerable to cross-site request forgery (CSRF)
High
CVE-2022-36920
was published
for
org.jenkins-ci.plugins:coverity
(Maven)
Jul 28, 2022
Missing permission check in Coverity Plugin allows capturing credentials
High
CVE-2022-36921
was published
for
org.jenkins-ci.plugins:coverity
(Maven)
Jul 28, 2022
Arbitrary file write vulnerability in Jenkins CLIF Performance Testing plugin
High
CVE-2022-36894
was published
for
org.jenkins-ci.plugins:clif-performance-testing
(Maven)
Jul 28, 2022
Jenkins Matrix Reloaded Plugin vulnerable to Stored XSS
High
CVE-2022-34788
was published
for
net.praqma:matrix-reloaded
(Maven)
Jul 1, 2022
Cross-site Scripting in Jenkins Rich Text Publisher Plugin
High
CVE-2022-34786
was published
for
org.jenkins-ci.plugins:rich-text-publisher-plugin
(Maven)
Jul 1, 2022
Cross-site Scripting in Jenkins Validating Email Parameter Plugin
High
CVE-2022-34791
was published
for
io.jenkins.plugins:validating-email-parameter
(Maven)
Jul 1, 2022
Cross-Site Request Forgery in Jenkins Recipe Plugin
High
CVE-2022-34792
was published
for
org.jenkins-ci.plugins:recipe
(Maven)
Jul 1, 2022
XML External Entity Reference in Jenkins Recipe Plugin
High
CVE-2022-34793
was published
for
org.jenkins-ci.plugins:recipe
(Maven)
Jul 1, 2022
Missing Authorization in Jenkins Recipe Plugin
High
CVE-2022-34794
was published
for
org.jenkins-ci.plugins:recipe
(Maven)
Jul 1, 2022
Cross-site Scripting in Jenkins Deployment Dashboard Plugin
High
CVE-2022-34795
was published
for
org.jenkins-ci.plugins:ec2-deployment-dashboard
(Maven)
Jul 1, 2022
Cross-site Scripting in Jenkins Plot Plugin
High
CVE-2022-34783
was published
for
org.jenkins-ci.plugins:plot
(Maven)
Jul 1, 2022
Cross-site Scripting in Jenkins GitLab Plugin
High
CVE-2022-34777
was published
for
org.jenkins-ci.plugins:gitlab-plugin
(Maven)
Jul 1, 2022
Jenkins Project Inheritance Plugin vulnerable to cross site scripting
High
CVE-2022-34787
was published
for
hudson.plugins:project-inheritance
(Maven)
Jul 1, 2022
Cross site scripting in Jenkins build-metrics Plugin
High
CVE-2022-34784
was published
for
org.jenkins-ci.plugins:build-metrics
(Maven)
Jul 1, 2022
Cross-site Scripting in Jenkins TestNG Results Plugin
High
CVE-2022-34778
was published
for
org.jenkins-ci.plugins:testng-plugin
(Maven)
Jul 1, 2022
Cross-site Scripting in Jenkins eXtreme Feedback Panel Plugin
High
CVE-2022-34790
was published
for
org.jenkins-ci.plugins:xfpanel
(Maven)
Jul 1, 2022
Cross-site Scripting in Jenkins Stash Branch Parameter Plugin
High
CVE-2022-34198
was published
for
org.jenkins-ci.plugins:StashBranchParameter
(Maven)
Jun 24, 2022
ProTip!
Advisories are also available from the
GraphQL API