GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
210 advisories
Filter by severity
Cross-site Scripting vulnerability in Jenkins
High
CVE-2022-34170
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
Jun 24, 2022
Unauthorized view fragment access in Jenkins
High
CVE-2022-34175
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
Jun 24, 2022
Cross-site Scripting vulnerability in Jenkins
High
CVE-2022-34172
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins Hidden Parameter Plugin
High
CVE-2022-34188
was published
for
org.jenkins-ci.plugins:hidden-parameter
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins Sauce OnDemand Plugin
High
CVE-2022-34197
was published
for
org.jenkins-ci.plugins:sauce-ondemand
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins Agent Server Parameter Plugin
High
CVE-2022-34183
was published
for
io.jenkins.plugins:agent-server-parameter
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins CRX Content Package Deployer Plugin
High
CVE-2022-34184
was published
for
org.jenkins-ci.plugins:crx-content-package-deployer
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins Date Parameter Plugin
High
CVE-2022-34185
was published
for
me.leejay.jenkins:date-parameter
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins Maven Metadata Plugin
High
CVE-2022-34190
was published
for
eu.markov.jenkins.plugin.mvnmeta:maven-metadata-plugin
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins REST List Parameter Plugin
High
CVE-2022-34196
was published
for
io.jenkins.plugins:rest-list-parameter
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins Repository Connector Plugin
High
CVE-2022-34195
was published
for
org.jenkins-ci.plugins:repository-connector
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins Dynamic Extended Choice Parameter Plugin
High
CVE-2022-34186
was published
for
com.moded.extendedchoiceparameter:dynamic_extended_choice_parameter
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins Filesystem List Parameter Plugin
High
CVE-2022-34187
was published
for
aendter.jenkins.plugins:filesystem-list-parameter-plugin
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins NS-ND Integration Performance Publisher Plugin
High
CVE-2022-34191
was published
for
io.jenkins.plugins:cavisson-ns-nd-integration
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins ontrack Jenkins Plugin
High
CVE-2022-34192
was published
for
org.jenkins-ci.plugins:ontrack
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins Readonly Parameter Plugin
High
CVE-2022-34194
was published
for
org.jenkins-ci.plugins:readonly-parameters
(Maven)
Jun 24, 2022
Arbitrary file write vulnerability in Jenkins Pipeline: Input Step Plugin
High
CVE-2022-34177
was published
for
org.jenkins-ci.plugins:pipeline-input-step
(Maven)
Jun 24, 2022
Cross-site Scripting vulnerability in Jenkins
High
CVE-2022-34171
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
Jun 24, 2022
Reflected Cross site scripting in Jenkins Embeddable Build Status Plugin
High
CVE-2022-34178
was published
for
org.jenkins-ci.plugins:embeddable-build-status
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins Image Tag Parameter Plugin
High
CVE-2022-34189
was published
for
org.jenkins-ci.plugins:image-tag-parameter
(Maven)
Jun 24, 2022
Cross-site Scripting vulnerability in Jenkins
High
CVE-2022-34173
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
Jun 24, 2022
Cross-site Scripting in Jenkins JUnit Plugin
High
CVE-2022-34176
was published
for
org.jenkins-ci.plugins:junit
(Maven)
Jun 24, 2022
Reflected Cross-site Scripting in Jenkins Nested View Plugin
High
CVE-2022-34182
was published
for
org.jenkins-ci.plugins:nested-view
(Maven)
Jun 24, 2022
Agent-to-controller security bypass in Jenkins Squash TM Publisher (Squash4Jenkins) Plugin allows writing arbitrary files
High
CVE-2021-43578
was published
for
org.jenkins-ci.plugins:squashtm-publisher-plugin
(Maven)
May 24, 2022
XXE vulnerability in Jenkins OWASP Dependency-Check Plugin
High
CVE-2021-43577
was published
for
org.jenkins-ci.plugins:dependency-check-jenkins-plugin
(Maven)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API