Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

624 advisories

Loading
Stored Cross-site Scripting in Jenkins Mask Passwords Plugin Moderate
CVE-2022-29043 was published for org.jenkins-ci.plugins:mask-passwords (Maven) Apr 13, 2022
NotMyFault
Stored Cross-site Scripting vulnerability in Jenkins Subversion Plugin Moderate
CVE-2022-29046 was published for org.jenkins-ci.plugins:subversion (Maven) Apr 13, 2022
NotMyFault
Stored Cross-site Scripting vulnerability in Jenkins Job Generator Plugin Moderate
CVE-2022-29042 was published for org.jenkins-ci.plugins:jobgenerator (Maven) Apr 13, 2022
NotMyFault
Stored Cross-site Scripting vulnerability in Jenkins Jira Plugin Moderate
CVE-2022-29041 was published for org.jenkins-ci.plugins:jira (Maven) Apr 13, 2022
NotMyFault
Untrusted users can modify some Pipeline libraries in Jenkins Pipeline: Deprecated Groovy Libraries Plugin High
CVE-2022-29047 was published for org.jenkins-ci.plugins.workflow:workflow-cps-global-lib (Maven) Apr 13, 2022
NotMyFault
Stored Cross-site Scripting vulnerabilities in Jenkins Extended Choice Parameter Plugin Moderate
CVE-2022-29038 was published for org.jenkins-ci.plugins:extended-choice-parameter (Maven) Apr 13, 2022
NotMyFault
Stored Cross-site Scripting vulnerability in Jenkins Gerrit Trigger Plugin High
CVE-2022-29039 was published for com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger (Maven) Apr 13, 2022
NotMyFault
Buffer overflow in Jenkins WMI Windows Agents plugin Moderate
CVE-2022-30950 was published for org.jenkins-ci.plugins:windows-slaves (Maven) May 18, 2022
NotMyFault
CSRF vulnerability in Jenkins Script Security Plugin Moderate
CVE-2022-30946 was published for org.jenkins-ci.plugins:script-security (Maven) May 18, 2022
NotMyFault
Path traversal in Jenkins Mercurial Plugin Low
CVE-2022-30948 was published for org.jenkins-ci.plugins:mercurial (Maven) May 18, 2022
NotMyFault
Sandbox bypass vulnerability through implicitly allowlisted platform Groovy files in Jenkins Pipeline: Groovy Plugin High
CVE-2022-30945 was published for org.jenkins-ci.plugins.workflow:workflow-cps (Maven) May 18, 2022
NotMyFault
Path traversal in Jenkins Git Mercurial and Repo Plugins High
CVE-2022-30947 was published for org.jenkins-ci.plugins:git (Maven) May 18, 2022
NotMyFault
Cross Site Request Forgery in Jenkins Blue Ocean Plugin Moderate
CVE-2022-30953 was published for io.jenkins.blueocean:blueocean-parent (Maven) May 18, 2022
NotMyFault
Missing Authorization in Jenkins SSH plugin High
CVE-2022-30959 was published for org.jenkins-ci.plugins:ssh (Maven) May 18, 2022
NotMyFault
Missing Authorization in Jenkins WMI Windows Agents plugin Moderate
CVE-2022-30951 was published for org.jenkins-ci.plugins:windows-slaves (Maven) May 18, 2022
NotMyFault
Cross Site Request Forgery in Jenkins SSH Plugin High
CVE-2022-30958 was published for org.jenkins-ci.plugins:ssh (Maven) May 18, 2022
NotMyFault
Cross-site Scripting in Jenkins Rundeck Plugin High
CVE-2022-30956 was published for org.jenkins-ci.plugins:rundeck (Maven) May 18, 2022
NotMyFault
Insufficiently Protected Credentials in Jenkins Pipeline SCM API for Blue Ocean Plugin Moderate
CVE-2022-30952 was published for io.jenkins.blueocean:blueocean-pipeline-scm-api (Maven) May 18, 2022
NotMyFault
Path traversal in Jenkins REPO Plugin Low
CVE-2022-30949 was published for org.jenkins-ci.plugins:git (Maven) May 18, 2022
NotMyFault
Missing permission check in Jenkins GitLab Plugin Moderate
CVE-2022-30955 was published for org.jenkins-ci.plugins:gitlab-plugin (Maven) May 18, 2022
NotMyFault
Cross-site Scripting in Jenkins Global Variable String Parameter Plugin High
CVE-2022-30962 was published for org.jenkins-ci.plugins:global-variable-string-parameter (Maven) May 18, 2022
NotMyFault
Cross-site Scripting in Jenkins Autocomplete Parameter Plugin High
CVE-2022-30961 was published for org.jenkins-ci.plugins:autocomplete-parameter (Maven) May 18, 2022
NotMyFault
Cross-site Scripting in Jenkins JDK Parameter Plugin High
CVE-2022-30963 was published for org.jenkins-ci.plugins:JDK_Parameter_Plugin (Maven) May 18, 2022
NotMyFault
Cross-site Scripting in Jenkins Multiselect parameter Plugin High
CVE-2022-30964 was published for io.jenkins.plugins:multiselect-parameter (Maven) May 18, 2022
NotMyFault
Cross site scripting in Jenkins Selection tasks Plugin High
CVE-2022-30967 was published for org.jvnet.hudson.plugins:selection-tasks-plugin (Maven) May 18, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database