Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

149 advisories

Loading
Cross-site Scripting vulnerability in Jenkins High
CVE-2022-34172 was published for org.jenkins-ci.main:jenkins-core (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins JUnit Plugin High
CVE-2022-34176 was published for org.jenkins-ci.plugins:junit (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting vulnerability in Jenkins High
CVE-2022-34173 was published for org.jenkins-ci.main:jenkins-core (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins ontrack Jenkins Plugin High
CVE-2022-34192 was published for org.jenkins-ci.plugins:ontrack (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins Date Parameter Plugin High
CVE-2022-34185 was published for me.leejay.jenkins:date-parameter (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins REST List Parameter Plugin High
CVE-2022-34196 was published for io.jenkins.plugins:rest-list-parameter (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins Package Version Plugin High
CVE-2022-34193 was published for org.lilicurroad.jenkins:packageversion (Maven) Jun 24, 2022
Cross-site Scripting in Jenkins Readonly Parameter Plugin High
CVE-2022-34194 was published for org.jenkins-ci.plugins:readonly-parameters (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins Hidden Parameter Plugin High
CVE-2022-34188 was published for org.jenkins-ci.plugins:hidden-parameter (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins Maven Metadata Plugin High
CVE-2022-34190 was published for eu.markov.jenkins.plugin.mvnmeta:maven-metadata-plugin (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins Sauce OnDemand Plugin High
CVE-2022-34197 was published for org.jenkins-ci.plugins:sauce-ondemand (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins Agent Server Parameter Plugin High
CVE-2022-34183 was published for io.jenkins.plugins:agent-server-parameter (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins Dynamic Extended Choice Parameter Plugin High
CVE-2022-34186 was published for com.moded.extendedchoiceparameter:dynamic_extended_choice_parameter (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins CRX Content Package Deployer Plugin High
CVE-2022-34184 was published for org.jenkins-ci.plugins:crx-content-package-deployer (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins NS-ND Integration Performance Publisher Plugin High
CVE-2022-34191 was published for io.jenkins.plugins:cavisson-ns-nd-integration (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins Filesystem List Parameter Plugin High
CVE-2022-34187 was published for aendter.jenkins.plugins:filesystem-list-parameter-plugin (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins Repository Connector Plugin High
CVE-2022-34195 was published for org.jenkins-ci.plugins:repository-connector (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting vulnerability in Jenkins High
CVE-2022-34170 was published for org.jenkins-ci.main:jenkins-core (Maven) Jun 24, 2022
NotMyFault sunSUNQ
Cross-site Scripting in Filter Stream Converter Application in XWiki Platform High
CVE-2022-29258 was published for org.xwiki.platform:xwiki-platform-filter-ui (Maven) Jun 1, 2022
Cross-site Scripting in wiki manager join wiki page High
CVE-2022-29252 was published for org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki (Maven) May 25, 2022
Cross-site Scripting in the Flamingo theme manager High
CVE-2022-29251 was published for org.xwiki.platform:xwiki-platform-flamingo-theme-ui (Maven) May 25, 2022
Reflected XSS vulnerability in Jenkins Micro Focus Application Automation Tools Plugin High
CVE-2021-22510 was published for org.jenkins-ci.plugins:hp-application-automation-tools-plugin (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Locked Files Report Plugin High
CVE-2020-2271 was published for org.jvnet.hudson.plugins:locked-files-report (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Coverage/Complexity Scatter Plot Plugin High
CVE-2020-2265 was published for org.jenkins-ci.plugins:covcomplplot (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Custom Job Icon Plugin High
CVE-2020-2264 was published for org.jenkins-ci.plugins:custom-job-icon (Maven) May 24, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API