Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,749
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,955
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
972
Swift
38
Unreviewed advisories
All unreviewed
5,000+

159 advisories

Loading
Jenkins BART Plugin vulnerable to cross-site scripting (XSS) High
CVE-2022-45387 was published for org.jenkins-ci.plugins:bart (Maven) Nov 16, 2022
NotMyFault
Jenkins Associated Files Plugin vulnerable to cross-site scripting (XSS) High
CVE-2022-45401 was published for org.jenkins-ci.main:associated-files-plugin (Maven) Nov 16, 2022
NotMyFault
Jenkins JUnit Plugin subject to Cross-site Scripting via URL conversion High
CVE-2022-45380 was published for org.jenkins-ci.plugins:junit (Maven) Nov 16, 2022
NotMyFault
Stored XSS vulnerability in Jenkins Custom Checkbox Parameter Plugin High
CVE-2022-43425 was published for io.jenkins.plugins:custom-checkbox-parameter (Maven) Oct 19, 2022
NotMyFault
Stored XSS vulnerability in Jenkins Pipeline: Supporting APIs Plugin High
CVE-2022-43409 was published for org.jenkins-ci.plugins.workflow:workflow-support (Maven) Oct 19, 2022
NotMyFault
Stored XSS vulnerability in Jenkins Contrast Continuous Application Security Plugin High
CVE-2022-43420 was published for org.jenkins-ci.plugins:contrast-continuous-application-security (Maven) Oct 19, 2022
NotMyFault
Lithium vulnerable to Cross Site Scripting in provided Swagger-UI High
GHSA-f36p-42jv-8rh2 was published for com.wire.bots:lithium (Maven) Sep 30, 2022
comawill
Jenkins Anchore Container Image Scanner Plugin vulnerable to cross site scripting High
CVE-2022-41225 was published for org.jenkins-ci.plugins:anchore-container-scanner (Maven) Sep 22, 2022
NotMyFault
Jenkins NS-ND Integration Performance Publisher Plugin vulnerable to Cross-site Scripting High
CVE-2022-41229 was published for io.jenkins.plugins:cavisson-ns-nd-integration (Maven) Sep 22, 2022
NotMyFault
Stored XSS vulnerability in Jenkins Walti plugin High
CVE-2022-41240 was published for org.jenkins-ci.plugins:walti (Maven) Sep 22, 2022
NotMyFault
Stored XSS vulnerability in Jenkins DotCi Plugin High
CVE-2022-41239 was published for com.groupon.jenkins-ci.plugins:DotCi (Maven) Sep 22, 2022
NotMyFault
Jenkins vulnerable to stored cross site scripting in the I:helpIcon component High
CVE-2022-41224 was published for org.jenkins-ci.main:jenkins-core (Maven) Sep 22, 2022
NotMyFault
XWiki Platform vulnerable to Cross-site Scripting in the deleted attachments list High
CVE-2022-36096 was published for org.xwiki.platform:xwiki-platform-index-ui (Maven) Sep 16, 2022
XWiki Platform Attachment UI vulnerable to cross-site scripting in the move attachment form High
CVE-2022-36097 was published for org.xwiki.platform:xwiki-platform-attachment-ui (Maven) Sep 16, 2022
XWiki Platform Web Parent POM vulnerable to XSS in the attachment history High
CVE-2022-36094 was published for org.xwiki.platform:xwiki-platform-web (Maven) Sep 16, 2022
JSPUI Possible Cross Site Scripting in "Request a Copy" Feature High
CVE-2022-31192 was published for org.dspace:dspace-jspui (Maven) Aug 6, 2022
JSPUI spellcheck and autocomplete tools vulnerable to Cross Site Scripting High
CVE-2022-31191 was published for org.dspace:dspace-jspui (Maven) Aug 6, 2022
Stored XSS vulnerability in Jenkins Maven Metadata Plugin for Jenkins CI server plugin High
CVE-2022-36905 was published for eu.markov.jenkins.plugin.mvnmeta:maven-metadata-plugin (Maven) Jul 28, 2022
NotMyFault
Jenkins Lucene-Search Plugin vulnerable to reflected (XSS) cross-site scripting High
CVE-2022-36922 was published for org.jenkins-ci.plugins:lucene-search (Maven) Jul 28, 2022
Stored XSS vulnerability in Jenkins Dynamic Extended Choice Parameter plugin High
CVE-2022-36902 was published for com.moded.extendedchoiceparameter:dynamic_extended_choice_parameter (Maven) Jul 28, 2022
NotMyFault
Cross-site Scripting in Jenkins Validating Email Parameter Plugin High
CVE-2022-34791 was published for io.jenkins.plugins:validating-email-parameter (Maven) Jul 1, 2022
NotMyFault
Cross-site Scripting in Jenkins Rich Text Publisher Plugin High
CVE-2022-34786 was published for org.jenkins-ci.plugins:rich-text-publisher-plugin (Maven) Jul 1, 2022
NotMyFault
Cross-site Scripting in Jenkins Deployment Dashboard Plugin High
CVE-2022-34795 was published for org.jenkins-ci.plugins:ec2-deployment-dashboard (Maven) Jul 1, 2022
NotMyFault
Cross-site Scripting in Jenkins Plot Plugin High
CVE-2022-34783 was published for org.jenkins-ci.plugins:plot (Maven) Jul 1, 2022
NotMyFault
Jenkins Matrix Reloaded Plugin vulnerable to Stored XSS High
CVE-2022-34788 was published for net.praqma:matrix-reloaded (Maven) Jul 1, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database