GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
624 advisories
Filter by severity
Cross-site Scripting in Jenkins vboxwrapper Plugin
High
CVE-2022-30968
was published
for
org.jenkins-ci.plugins:vboxwrapper
(Maven)
May 18, 2022
Cross-site Scripting in Jenkins Autocomplete Parameter Plugin
High
CVE-2022-30961
was published
for
org.jenkins-ci.plugins:autocomplete-parameter
(Maven)
May 18, 2022
Cross-site Scripting in Jenkins JDK Parameter Plugin
High
CVE-2022-30963
was published
for
org.jenkins-ci.plugins:JDK_Parameter_Plugin
(Maven)
May 18, 2022
Cross-site Scripting in Jenkins Global Variable String Parameter Plugin
High
CVE-2022-30962
was published
for
org.jenkins-ci.plugins:global-variable-string-parameter
(Maven)
May 18, 2022
Path traversal in Jenkins REPO Plugin
Low
CVE-2022-30949
was published
for
org.jenkins-ci.plugins:git
(Maven)
May 18, 2022
Insufficiently Protected Credentials in Jenkins Pipeline SCM API for Blue Ocean Plugin
Moderate
CVE-2022-30952
was published
for
io.jenkins.blueocean:blueocean-pipeline-scm-api
(Maven)
May 18, 2022
Missing permission check in Jenkins GitLab Plugin
Moderate
CVE-2022-30955
was published
for
org.jenkins-ci.plugins:gitlab-plugin
(Maven)
May 18, 2022
Cross-site Scripting in Jenkins Rundeck Plugin
High
CVE-2022-30956
was published
for
org.jenkins-ci.plugins:rundeck
(Maven)
May 18, 2022
Missing Authorization in Jenkins WMI Windows Agents plugin
Moderate
CVE-2022-30951
was published
for
org.jenkins-ci.plugins:windows-slaves
(Maven)
May 18, 2022
Missing Authorization in Jenkins SSH plugin
High
CVE-2022-30959
was published
for
org.jenkins-ci.plugins:ssh
(Maven)
May 18, 2022
Cross Site Request Forgery in Jenkins SSH Plugin
High
CVE-2022-30958
was published
for
org.jenkins-ci.plugins:ssh
(Maven)
May 18, 2022
Cross Site Request Forgery in Jenkins Blue Ocean Plugin
Moderate
CVE-2022-30953
was published
for
io.jenkins.blueocean:blueocean-parent
(Maven)
May 18, 2022
Path traversal in Jenkins Git Mercurial and Repo Plugins
High
CVE-2022-30947
was published
for
org.jenkins-ci.plugins:git
(Maven)
May 18, 2022
Buffer overflow in Jenkins WMI Windows Agents plugin
Moderate
CVE-2022-30950
was published
for
org.jenkins-ci.plugins:windows-slaves
(Maven)
May 18, 2022
Path traversal in Jenkins Mercurial Plugin
Low
CVE-2022-30948
was published
for
org.jenkins-ci.plugins:mercurial
(Maven)
May 18, 2022
CSRF vulnerability in Jenkins Script Security Plugin
Moderate
CVE-2022-30946
was published
for
org.jenkins-ci.plugins:script-security
(Maven)
May 18, 2022
Sandbox bypass vulnerability through implicitly allowlisted platform Groovy files in Jenkins Pipeline: Groovy Plugin
High
CVE-2022-30945
was published
for
org.jenkins-ci.plugins.workflow:workflow-cps
(Maven)
May 18, 2022
Stored Cross-site Scripting vulnerability in Jenkins Gerrit Trigger Plugin
High
CVE-2022-29039
was published
for
com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger
(Maven)
Apr 13, 2022
Stored Cross-site Scripting vulnerabilities in Jenkins Extended Choice Parameter Plugin
Moderate
CVE-2022-29038
was published
for
org.jenkins-ci.plugins:extended-choice-parameter
(Maven)
Apr 13, 2022
Stored Cross-site Scripting vulnerability in Jenkins Jira Plugin
Moderate
CVE-2022-29041
was published
for
org.jenkins-ci.plugins:jira
(Maven)
Apr 13, 2022
Stored Cross-site Scripting vulnerability in Jenkins Subversion Plugin
Moderate
CVE-2022-29046
was published
for
org.jenkins-ci.plugins:subversion
(Maven)
Apr 13, 2022
Stored Cross-site Scripting vulnerability in Jenkins Job Generator Plugin
Moderate
CVE-2022-29042
was published
for
org.jenkins-ci.plugins:jobgenerator
(Maven)
Apr 13, 2022
Stored Cross-site Scripting in Jenkins Mask Passwords Plugin
Moderate
CVE-2022-29043
was published
for
org.jenkins-ci.plugins:mask-passwords
(Maven)
Apr 13, 2022
Untrusted users can modify some Pipeline libraries in Jenkins Pipeline: Deprecated Groovy Libraries Plugin
High
CVE-2022-29047
was published
for
org.jenkins-ci.plugins.workflow:workflow-cps-global-lib
(Maven)
Apr 13, 2022
Stored Cross-site Scripting in Jenkins Node and Label parameter Plugin
Moderate
CVE-2022-29044
was published
for
org.jenkins-ci.plugins:nodelabelparameter
(Maven)
Apr 13, 2022
ProTip!
Advisories are also available from the
GraphQL API