GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,741
Erlang
29
GitHub Actions
16
Go
1,710
Maven
4,946
npm
3,474
NuGet
605
pip
3,001
Pub
10
RubyGems
828
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+
624 advisories
Filter by severity
Cross-site Scripting in Jenkins Multiselect parameter Plugin
High
CVE-2022-30964
was published
for
io.jenkins.plugins:multiselect-parameter
(Maven)
May 18, 2022
Cross-site Scripting in Jenkins Autocomplete Parameter Plugin
High
CVE-2022-30961
was published
for
org.jenkins-ci.plugins:autocomplete-parameter
(Maven)
May 18, 2022
Cross Site Request Forgery in Jenkins SSH Plugin
High
CVE-2022-30958
was published
for
org.jenkins-ci.plugins:ssh
(Maven)
May 18, 2022
Cross-Site Request Forgery in Jenkins Autocomplete Parameter Plugin
High
CVE-2022-30969
was published
for
org.jenkins-ci.plugins:autocomplete-parameter
(Maven)
May 18, 2022
Stored Cross-site Scripting vulnerabilities in Jenkins promoted Builds (Simple) plugin providing additional parameter types
High
CVE-2022-30965
was published
for
org.jenkins-ci.plugins:promoted-builds-simple
(Maven)
May 18, 2022
Cross-Site Request Forgery in Jenkins Recipe Plugin
High
CVE-2022-34792
was published
for
org.jenkins-ci.plugins:recipe
(Maven)
Jul 1, 2022
CSRF vulnerability in Jenkins XebiaLabs XL Release Plugin allow capturing credentials
Moderate
CVE-2022-34780
was published
for
com.xebialabs.ci:xlrelease-plugin
(Maven)
Jul 1, 2022
Missing permission checks in Jenkins XebiaLabs XL Release Plugin allow enumerating credentials IDs
Moderate
CVE-2022-34779
was published
for
com.xebialabs.ci:xlrelease-plugin
(Maven)
Jul 1, 2022
Missing Authorization in Jenkins Recipe Plugin
High
CVE-2022-34794
was published
for
org.jenkins-ci.plugins:recipe
(Maven)
Jul 1, 2022
Missing Authorization in Jenkins XPath Configuration Viewer Plugin
Moderate
CVE-2022-34811
was published
for
org.jenkins-ci.plugins:xpath-config-viewer
(Maven)
Jul 1, 2022
Incorrect Authorization in Jenkins requests-plugin
Moderate
CVE-2022-34782
was published
for
org.jenkins-ci.plugins:requests
(Maven)
Jul 1, 2022
CSRF vulnerability in Jenkins OpenShift Deployer Plugin
Moderate
CVE-2022-36906
was published
for
org.jenkins-ci.plugins:openshift-deployer
(Maven)
Jul 28, 2022
Incorrect Authorization in Jenkins Request Rename Or Delete Plugin
Moderate
CVE-2022-34814
was published
for
org.jenkins-ci.plugins:rrod
(Maven)
Jul 1, 2022
CSRF vulnerability in Jenkins OpenShift Deployer Plugin
Moderate
CVE-2022-36908
was published
for
org.jenkins-ci.plugins:openshift-deployer
(Maven)
Jul 28, 2022
Stored XSS vulnerability in Jenkins Maven Metadata Plugin for Jenkins CI server plugin
High
CVE-2022-36905
was published
for
eu.markov.jenkins.plugin.mvnmeta:maven-metadata-plugin
(Maven)
Jul 28, 2022
CSRF vulnerability and mM
Moderate
CVE-2022-41246
was published
for
org.jenkins-ci.plugins:ws-execution-manager
(Maven)
Sep 22, 2022
Cross-site Scripting in Jenkins Rich Text Publisher Plugin
High
CVE-2022-34786
was published
for
org.jenkins-ci.plugins:rich-text-publisher-plugin
(Maven)
Jul 1, 2022
Cross-site Scripting in Jenkins Validating Email Parameter Plugin
High
CVE-2022-34791
was published
for
io.jenkins.plugins:validating-email-parameter
(Maven)
Jul 1, 2022
Missing permission check in Jenkins OpenShift Deployer Plugin
Moderate
CVE-2022-36907
was published
for
org.jenkins-ci.plugins:openshift-deployer
(Maven)
Jul 28, 2022
Missing Authorization in Jenkins Deployment Dashboard Plugin
Moderate
CVE-2022-34798
was published
for
org.jenkins-ci.plugins:ec2-deployment-dashboard
(Maven)
Jul 1, 2022
XML External Entity Reference in Jenkins Recipe Plugin
High
CVE-2022-34793
was published
for
org.jenkins-ci.plugins:recipe
(Maven)
Jul 1, 2022
Cross-Site Request Forgery in Jenkins Deployment Dashboard Plugin
Moderate
CVE-2022-34797
was published
for
org.jenkins-ci.plugins:ec2-deployment-dashboard
(Maven)
Jul 1, 2022
Stored XSS vulnerability in Jenkins Sonargraph Integration Plugin
Moderate
CVE-2020-2201
was published
for
org.jenkins-ci.plugins:sonargraph-integration
(Maven)
May 24, 2022
Reflected XSS in Jenkins Compatibility Action Storage Plugin
Moderate
CVE-2020-2217
was published
for
org.jenkins-ci.plugins:compatibility-action-storage
(Maven)
May 24, 2022
Stored XSS vulnerability in Jenkins Link Column Plugin
Moderate
CVE-2020-2219
was published
for
org.jenkins-ci.plugins:link-column
(Maven)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API