Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,035
Maven
5,000+
npm
3,732
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+

727 advisories

Loading
RuoYi 4.7.3 vulnerable to arbitrary file upload in background management module Moderate
CVE-2022-32065 was published for com.ruoyi:ruoyi (Maven) Jul 14, 2022
Apache Druid before 0.23.0 vulnerable to reflected XSS via unescaped URL parameters Moderate
CVE-2021-44791 was published for org.apache.druid:druid (Maven) Jul 8, 2022
Insufficient user input in Apache Jetspeed-2 Critical
CVE-2022-32533 was published for org.apache.portals.jetspeed-2:jetspeed-commons (Maven) Jul 7, 2022
Cross-site Scripting in Jenkins TestNG Results Plugin High
CVE-2022-34778 was published for org.jenkins-ci.plugins:testng-plugin (Maven) Jul 1, 2022
NotMyFault
Jenkins Project Inheritance Plugin vulnerable to cross site scripting High
CVE-2022-34787 was published for hudson.plugins:project-inheritance (Maven) Jul 1, 2022
NotMyFault
Cross site scripting in Jenkins build-metrics Plugin High
CVE-2022-34784 was published for org.jenkins-ci.plugins:build-metrics (Maven) Jul 1, 2022
NotMyFault
Cross-site Scripting in Jenkins GitLab Plugin High
CVE-2022-34777 was published for org.jenkins-ci.plugins:gitlab-plugin (Maven) Jul 1, 2022
NotMyFault
Cross-site Scripting in Jenkins eXtreme Feedback Panel Plugin High
CVE-2022-34790 was published for org.jenkins-ci.plugins:xfpanel (Maven) Jul 1, 2022
NotMyFault
Jenkins Matrix Reloaded Plugin vulnerable to Stored XSS High
CVE-2022-34788 was published for net.praqma:matrix-reloaded (Maven) Jul 1, 2022
NotMyFault
Cross-site Scripting in Jenkins Deployment Dashboard Plugin High
CVE-2022-34795 was published for org.jenkins-ci.plugins:ec2-deployment-dashboard (Maven) Jul 1, 2022
NotMyFault
Cross-site Scripting in Jenkins Validating Email Parameter Plugin High
CVE-2022-34791 was published for io.jenkins.plugins:validating-email-parameter (Maven) Jul 1, 2022
NotMyFault
Cross-site Scripting in Jenkins Rich Text Publisher Plugin High
CVE-2022-34786 was published for org.jenkins-ci.plugins:rich-text-publisher-plugin (Maven) Jul 1, 2022
NotMyFault
Cross-site Scripting in Jenkins Plot Plugin High
CVE-2022-34783 was published for org.jenkins-ci.plugins:plot (Maven) Jul 1, 2022
NotMyFault
Cross-site Scripting in Jenkins Stash Branch Parameter Plugin High
CVE-2022-34198 was published for org.jenkins-ci.plugins:StashBranchParameter (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Apache Tomcat Moderate
CVE-2022-34305 was published for org.apache.tomcat:tomcat (Maven) Jun 24, 2022
Cross-site Scripting in Jfinal CMS Moderate
CVE-2022-33113 was published for com.jfinal:jfinal (Maven) Jun 24, 2022
Cross-site Scripting vulnerability in Jenkins High
CVE-2022-34170 was published for org.jenkins-ci.main:jenkins-core (Maven) Jun 24, 2022
NotMyFault sunSUNQ
Cross-site Scripting in Jenkins REST List Parameter Plugin High
CVE-2022-34196 was published for io.jenkins.plugins:rest-list-parameter (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins NS-ND Integration Performance Publisher Plugin High
CVE-2022-34191 was published for io.jenkins.plugins:cavisson-ns-nd-integration (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins Maven Metadata Plugin High
CVE-2022-34190 was published for eu.markov.jenkins.plugin.mvnmeta:maven-metadata-plugin (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins Agent Server Parameter Plugin High
CVE-2022-34183 was published for io.jenkins.plugins:agent-server-parameter (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins Repository Connector Plugin High
CVE-2022-34195 was published for org.jenkins-ci.plugins:repository-connector (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins CRX Content Package Deployer Plugin High
CVE-2022-34184 was published for org.jenkins-ci.plugins:crx-content-package-deployer (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins ontrack Jenkins Plugin High
CVE-2022-34192 was published for org.jenkins-ci.plugins:ontrack (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins Date Parameter Plugin High
CVE-2022-34185 was published for me.leejay.jenkins:date-parameter (Maven) Jun 24, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database