GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
149 advisories
Filter by severity
Cross-site Scripting vulnerability in Jenkins
High
CVE-2022-34172
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins JUnit Plugin
High
CVE-2022-34176
was published
for
org.jenkins-ci.plugins:junit
(Maven)
Jun 24, 2022
Cross-site Scripting vulnerability in Jenkins
High
CVE-2022-34173
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins ontrack Jenkins Plugin
High
CVE-2022-34192
was published
for
org.jenkins-ci.plugins:ontrack
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins Date Parameter Plugin
High
CVE-2022-34185
was published
for
me.leejay.jenkins:date-parameter
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins REST List Parameter Plugin
High
CVE-2022-34196
was published
for
io.jenkins.plugins:rest-list-parameter
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins Package Version Plugin
High
CVE-2022-34193
was published
for
org.lilicurroad.jenkins:packageversion
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins Readonly Parameter Plugin
High
CVE-2022-34194
was published
for
org.jenkins-ci.plugins:readonly-parameters
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins Hidden Parameter Plugin
High
CVE-2022-34188
was published
for
org.jenkins-ci.plugins:hidden-parameter
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins Maven Metadata Plugin
High
CVE-2022-34190
was published
for
eu.markov.jenkins.plugin.mvnmeta:maven-metadata-plugin
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins Sauce OnDemand Plugin
High
CVE-2022-34197
was published
for
org.jenkins-ci.plugins:sauce-ondemand
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins Agent Server Parameter Plugin
High
CVE-2022-34183
was published
for
io.jenkins.plugins:agent-server-parameter
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins Dynamic Extended Choice Parameter Plugin
High
CVE-2022-34186
was published
for
com.moded.extendedchoiceparameter:dynamic_extended_choice_parameter
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins CRX Content Package Deployer Plugin
High
CVE-2022-34184
was published
for
org.jenkins-ci.plugins:crx-content-package-deployer
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins NS-ND Integration Performance Publisher Plugin
High
CVE-2022-34191
was published
for
io.jenkins.plugins:cavisson-ns-nd-integration
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins Filesystem List Parameter Plugin
High
CVE-2022-34187
was published
for
aendter.jenkins.plugins:filesystem-list-parameter-plugin
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins Repository Connector Plugin
High
CVE-2022-34195
was published
for
org.jenkins-ci.plugins:repository-connector
(Maven)
Jun 24, 2022
Cross-site Scripting vulnerability in Jenkins
High
CVE-2022-34170
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
Jun 24, 2022
Cross-site Scripting in Filter Stream Converter Application in XWiki Platform
High
CVE-2022-29258
was published
for
org.xwiki.platform:xwiki-platform-filter-ui
(Maven)
Jun 1, 2022
Cross-site Scripting in wiki manager join wiki page
High
CVE-2022-29252
was published
for
org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki
(Maven)
May 25, 2022
Cross-site Scripting in the Flamingo theme manager
High
CVE-2022-29251
was published
for
org.xwiki.platform:xwiki-platform-flamingo-theme-ui
(Maven)
May 25, 2022
Reflected XSS vulnerability in Jenkins Micro Focus Application Automation Tools Plugin
High
CVE-2021-22510
was published
for
org.jenkins-ci.plugins:hp-application-automation-tools-plugin
(Maven)
May 24, 2022
Stored XSS vulnerability in Locked Files Report Plugin
High
CVE-2020-2271
was published
for
org.jvnet.hudson.plugins:locked-files-report
(Maven)
May 24, 2022
Stored XSS vulnerability in Coverage/Complexity Scatter Plot Plugin
High
CVE-2020-2265
was published
for
org.jenkins-ci.plugins:covcomplplot
(Maven)
May 24, 2022
Stored XSS vulnerability in Custom Job Icon Plugin
High
CVE-2020-2264
was published
for
org.jenkins-ci.plugins:custom-job-icon
(Maven)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API