Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

210 advisories

Loading
Stored XSS vulnerability in Jenkins job build time trend High
CVE-2020-2220 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Jenkins upstream cause High
CVE-2020-2221 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Jenkins console links High
CVE-2020-2223 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in single axis builds tooltips in Jenkins Matrix Project Plugin High
CVE-2020-2224 was published for org.jenkins-ci.plugins:matrix-project (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Jenkins Matrix Authorization Strategy Plugin High
CVE-2020-2226 was published for org.jenkins-ci.plugins:matrix-auth (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in multiple axis builds tooltips in Jenkins Matrix Project Plugin High
CVE-2020-2225 was published for org.jenkins-ci.plugins:matrix-project (Maven) May 24, 2022
NotMyFault
Improper authorization of users and groups with the same base name in Jenkins GitLab Authentication Plugin High
CVE-2020-2228 was published for org.jenkins-ci.plugins:gitlab-oauth (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Jenkins 'keep forever' badge icon High
CVE-2020-2222 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Jenkins Deployer Framework Plugin High
CVE-2020-2227 was published for org.jenkins-ci.plugins:deployer-framework (Maven) May 24, 2022
NotMyFault
Missing permission check in Jenkins Pipeline Maven Integration Plugin allow capturing credentials High
CVE-2020-2234 was published for org.jenkins-ci.plugins:pipeline-maven (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Jenkins Yet Another Build Visualizer Plugin High
CVE-2020-2236 was published for com.axis.system.jenkins.plugins.downstream:yet-another-build-visualizer (Maven) May 24, 2022
NotMyFault
Jenkins Cross-Site Scripting vulnerability in help icons High
CVE-2020-2229 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Jenkins Cross-site Scripting vulnerability in project naming strategy High
CVE-2020-2230 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
CSRF vulnerability in Jenkins Pipeline Maven Integration Plugin allow capturing credentials High
CVE-2020-2235 was published for org.jenkins-ci.plugins:pipeline-maven (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Jenkins Valgrind Plugin High
CVE-2020-2246 was published for org.jenkins-ci.plugins:valgrind (Maven) May 24, 2022
NotMyFault
XXE vulnerability in Jenkins Valgrind Plugin High
CVE-2020-2245 was published for org.jenkins-ci.plugins:valgrind (Maven) May 24, 2022
NotMyFault
CSRF vulnerability in Jenkins Database Plugin High
CVE-2020-2240 was published for org.jenkins-ci.plugins:database (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Jenkins Git Parameter Plugin High
CVE-2020-2238 was published for org.jenkins-ci.tools:git-parameter (Maven) May 24, 2022
NotMyFault
XSS vulnerability in Jenkins Build Failure Analyzer Plugin High
CVE-2020-2244 was published for com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Jenkins Cadence vManager Plugin High
CVE-2020-2243 was published for org.jenkins-ci.plugins:vmanager-plugin (Maven) May 24, 2022
NotMyFault
XXE vulnerability in Jenkins Klocwork Analysis Plugin High
CVE-2020-2247 was published for org.jenkins-ci.plugins:klocwork (Maven) May 24, 2022
NotMyFault
Reflected XSS vulnerability in Jenkins JSGames Plugin High
CVE-2020-2248 was published for org.jenkins-ci.plugins:jsgames (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Validating String Parameter Plugin High
CVE-2020-2257 was published for org.jenkins-ci.plugins:validating-string-parameter (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in computer-queue-plugin Plugin High
CVE-2020-2259 was published for jenkins.ci.plugins.computerqueue:computer-queue-plugin (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Radiator View Plugin High
CVE-2020-2263 was published for org.jenkins-ci.plugins:radiatorviewplugin (Maven) May 24, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database