GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,793
Erlang
29
GitHub Actions
16
Go
1,710
Maven
4,947
npm
3,475
NuGet
605
pip
3,001
Pub
10
RubyGems
828
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+
624 advisories
Filter by severity
Cross-site Scripting in Jenkins Image Tag Parameter Plugin
High
CVE-2022-34189
was published
for
org.jenkins-ci.plugins:image-tag-parameter
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins Repository Connector Plugin
High
CVE-2022-34195
was published
for
org.jenkins-ci.plugins:repository-connector
(Maven)
Jun 24, 2022
Arbitrary file write vulnerability in Jenkins Pipeline: Input Step Plugin
High
CVE-2022-34177
was published
for
org.jenkins-ci.plugins:pipeline-input-step
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins REST List Parameter Plugin
High
CVE-2022-34196
was published
for
io.jenkins.plugins:rest-list-parameter
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins Readonly Parameter Plugin
High
CVE-2022-34194
was published
for
org.jenkins-ci.plugins:readonly-parameters
(Maven)
Jun 24, 2022
User passwords stored in plain text by Jenkins EasyQA Plugin
Low
CVE-2022-34202
was published
for
com.geteasyqa:easyqa
(Maven)
Jun 24, 2022
Reflected Cross site scripting in Jenkins Embeddable Build Status Plugin
High
CVE-2022-34178
was published
for
org.jenkins-ci.plugins:embeddable-build-status
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins CRX Content Package Deployer Plugin
High
CVE-2022-34184
was published
for
org.jenkins-ci.plugins:crx-content-package-deployer
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins Filesystem List Parameter Plugin
High
CVE-2022-34187
was published
for
aendter.jenkins.plugins:filesystem-list-parameter-plugin
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins Maven Metadata Plugin
High
CVE-2022-34190
was published
for
eu.markov.jenkins.plugin.mvnmeta:maven-metadata-plugin
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins Sauce OnDemand Plugin
High
CVE-2022-34197
was published
for
org.jenkins-ci.plugins:sauce-ondemand
(Maven)
Jun 24, 2022
Cross-Site Request Forgery in Jenkins EasyQA Plugin
Moderate
CVE-2022-34203
was published
for
com.geteasyqa:easyqa
(Maven)
Jun 24, 2022
Cross-Site Request Forgery in Jenkins Convertigo Mobile Platform Plugin
Moderate
CVE-2022-34200
was published
for
com.convertigo.jenkins.plugins:convertigo-mobile-platform
(Maven)
Jun 24, 2022
Cross-site Scripting vulnerability in Jenkins
High
CVE-2022-34172
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
Jun 24, 2022
Cross-site Scripting vulnerability in Jenkins
High
CVE-2022-34173
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
Jun 24, 2022
Cross-site Scripting vulnerability in Jenkins
High
CVE-2022-34171
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
Jun 24, 2022
Reflected Cross-site Scripting in Jenkins Nested View Plugin
High
CVE-2022-34182
was published
for
org.jenkins-ci.plugins:nested-view
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins Date Parameter Plugin
High
CVE-2022-34185
was published
for
me.leejay.jenkins:date-parameter
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins ontrack Jenkins Plugin
High
CVE-2022-34192
was published
for
org.jenkins-ci.plugins:ontrack
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins NS-ND Integration Performance Publisher Plugin
High
CVE-2022-34191
was published
for
io.jenkins.plugins:cavisson-ns-nd-integration
(Maven)
Jun 24, 2022
Path Traversal vulnerability in Jenkins Embeddable Build Status Plugin
Moderate
CVE-2022-34179
was published
for
org.jenkins-ci.plugins:embeddable-build-status
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins Hidden Parameter Plugin
High
CVE-2022-34188
was published
for
org.jenkins-ci.plugins:hidden-parameter
(Maven)
Jun 24, 2022
Missing permission check in Jenkins Convertigo Mobile Platform Plugin
Moderate
CVE-2022-34201
was published
for
com.convertigo.jenkins.plugins:convertigo-mobile-platform
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins JUnit Plugin
High
CVE-2022-34176
was published
for
org.jenkins-ci.plugins:junit
(Maven)
Jun 24, 2022
Agent-to-controller security bypass in Jenkins xUnit Plugin
Moderate
CVE-2022-34181
was published
for
org.jenkins-ci.plugins:xunit
(Maven)
Jun 24, 2022
ProTip!
Advisories are also available from the
GraphQL API