Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

210 advisories

Loading
RCE vulnerability in Google Kubernetes Engine Plugin High
CVE-2020-2121 was published for org.jenkins-ci.plugins:google-kubernetes-engine (Maven) May 24, 2022
NotMyFault
RCE vulnerability in Jenkins Pipeline: AWS Steps Plugin High
CVE-2020-2166 was published for de.taimos:pipeline-aws (Maven) May 24, 2022
NotMyFault
XXE vulnerability in Jenkins RapidDeploy Plugin High
CVE-2020-2171 was published for org.jenkins-ci.plugins:rapiddeploy-jenkins (Maven) May 24, 2022
NotMyFault
RCE vulnerability in Jenkins Azure Container Service Plugin High
CVE-2020-2168 was published for org.jenkins-ci.plugins:azure-acs (Maven) May 24, 2022
NotMyFault
Cross-site Scripting in Jenkins JUnit Plugin High
CVE-2022-34176 was published for org.jenkins-ci.plugins:junit (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins Agent Server Parameter Plugin High
CVE-2022-34183 was published for io.jenkins.plugins:agent-server-parameter (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins Stash Branch Parameter Plugin High
CVE-2022-34198 was published for org.jenkins-ci.plugins:StashBranchParameter (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins CRX Content Package Deployer Plugin High
CVE-2022-34184 was published for org.jenkins-ci.plugins:crx-content-package-deployer (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins Date Parameter Plugin High
CVE-2022-34185 was published for me.leejay.jenkins:date-parameter (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting vulnerability in Jenkins High
CVE-2022-34173 was published for org.jenkins-ci.main:jenkins-core (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins ontrack Jenkins Plugin High
CVE-2022-34192 was published for org.jenkins-ci.plugins:ontrack (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins Filesystem List Parameter Plugin High
CVE-2022-34187 was published for aendter.jenkins.plugins:filesystem-list-parameter-plugin (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins Dynamic Extended Choice Parameter Plugin High
CVE-2022-34186 was published for com.moded.extendedchoiceparameter:dynamic_extended_choice_parameter (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins Hidden Parameter Plugin High
CVE-2022-34188 was published for org.jenkins-ci.plugins:hidden-parameter (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins Sauce OnDemand Plugin High
CVE-2022-34197 was published for org.jenkins-ci.plugins:sauce-ondemand (Maven) Jun 24, 2022
NotMyFault
Reflected Cross-site Scripting in Jenkins Nested View Plugin High
CVE-2022-34182 was published for org.jenkins-ci.plugins:nested-view (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins Readonly Parameter Plugin High
CVE-2022-34194 was published for org.jenkins-ci.plugins:readonly-parameters (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins Maven Metadata Plugin High
CVE-2022-34190 was published for eu.markov.jenkins.plugin.mvnmeta:maven-metadata-plugin (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins Repository Connector Plugin High
CVE-2022-34195 was published for org.jenkins-ci.plugins:repository-connector (Maven) Jun 24, 2022
NotMyFault
Stored XSS vulnerability in Jenkins Walti plugin High
CVE-2022-41240 was published for org.jenkins-ci.plugins:walti (Maven) Sep 22, 2022
NotMyFault
RCE vulnerability in Jenkins DotCi Plugin High
CVE-2022-41237 was published for com.groupon.jenkins-ci.plugins:DotCi (Maven) Sep 22, 2022
NotMyFault
Jenkins build-publisher plugin vulnerable to cross-site request forgery High
CVE-2022-41232 was published for org.jenkins-ci.plugins:build-publisher (Maven) Sep 22, 2022
NotMyFault
Stored XSS vulnerability in Jenkins DotCi Plugin High
CVE-2022-41239 was published for com.groupon.jenkins-ci.plugins:DotCi (Maven) Sep 22, 2022
NotMyFault
Cross-site Scripting vulnerability in Jenkins High
CVE-2022-34172 was published for org.jenkins-ci.main:jenkins-core (Maven) Jun 24, 2022
NotMyFault
Arbitrary file write vulnerability in Jenkins Pipeline: Input Step Plugin High
CVE-2022-34177 was published for org.jenkins-ci.plugins:pipeline-input-step (Maven) Jun 24, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database