GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
244 advisories
XXE vulnerability in Jenkins Job Import Plugin
Critical
CVE-2019-1003015
was published
for
org.jenkins-ci.plugins:job-import-plugin
(Maven)
May 13, 2022
Improper Restriction of XML External Entity Reference in iText
High
CVE-2017-9096
was published
for
com.itextpdf:itextpdf
(Maven)
May 13, 2022
Improper Restriction of XML External Entity Reference in Apache CXF JAX-RS
High
CVE-2016-8739
was published
for
org.apache.cxf:cxf-core
(Maven)
May 13, 2022
Improper Restriction of XML External Entity Reference in Spring Framework
High
CVE-2014-0225
was published
for
org.springframework:spring-webmvc
(Maven)
May 13, 2022
XML External Entity Reference in apache jena
Critical
CVE-2022-28890
was published
for
org.apache.jena:jena
(Maven)
May 6, 2022
XML External Entity Reference vulnerability in Jenkins Pipeline: Phoenix AutoTest Plugin
High
CVE-2022-28155
was published
for
com.surenpi.jenkins:phoenix-autotest
(Maven)
Mar 30, 2022
XXE vulnerability in Jenkins Flaky Test Handler Plugin
High
CVE-2022-28140
was published
for
org.jenkins-ci.plugins:flaky-test-handler
(Maven)
Mar 30, 2022
Agent-to-controller security bypass in Jenkins Semantic Versioning Plugin
High
CVE-2022-27201
was published
for
org.jenkins-ci.plugins:semantic-versioning-plugin
(Maven)
Mar 16, 2022
ProTip!
Advisories are also available from the
GraphQL API