Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

635 advisories

Loading
Stored Cross-site Scripting in Jenkins Node and Label parameter Plugin Moderate
CVE-2022-29044 was published for org.jenkins-ci.plugins:nodelabelparameter (Maven) Apr 13, 2022
NotMyFault
Cross site scripting in Shopizer Moderate
CVE-2022-23059 was published for com.shopizer:shopizer (Maven) Mar 30, 2022
Stored XSS vulnerability in Jenkins Bitbucket Server Integration Plugin Moderate
CVE-2022-28133 was published for io.jenkins.plugins:atlassian-bitbucket-server-integration (Maven) Mar 30, 2022
NotMyFault
Cross-site Scripting in Jenkins SiteMonitor Plugin Moderate
CVE-2022-28153 was published for org.jvnet.hudson.plugins:sitemonitor (Maven) Mar 30, 2022
Stored Cross-site Scripting vulnerability in Jenkins Tests Selector Plugin Moderate
CVE-2022-28159 was published for org.jenkins-ci.plugins:selected-tests-executor (Maven) Mar 30, 2022
NotMyFault
Cross-site Scripting in Keycloak Moderate
CVE-2021-20323 was published for org.keycloak:keycloak-core (Maven) Mar 26, 2022
Stored Cross-site Scripting in folder-auth plugin Moderate
GHSA-5vjc-qx43-r747 was published for io.jenkins.plugins:folder-auth (Maven) Mar 18, 2022
Stored Cross-site Scripting vulnerability in Jenkins Favorite Plugin Moderate
CVE-2022-27196 was published for org.jvnet.hudson.plugins:favorite (Maven) Mar 16, 2022
NotMyFault
Stored Cross-site Scripting vulnerability in Jenkins Dashboard View Plugin Moderate
CVE-2022-27197 was published for org.jenkins-ci.plugins:dashboard-view (Maven) Mar 16, 2022
NotMyFault
Stored Cross-site Scripting vulnerability in Jenkins Folder-based Authorization Strategy Plugin Moderate
CVE-2022-27200 was published for io.jenkins.plugins:folder-auth (Maven) Mar 16, 2022
NotMyFault
Stored Cross-site Scripting vulnerability in Jenkins global-build-stats Plugin Moderate
CVE-2022-27207 was published for org.jenkins-ci.plugins:global-build-stats (Maven) Mar 16, 2022
NotMyFault
Stored Cross-site Scripting vulnerability in Jenkins List Git Branches Parameter Plugin Moderate
CVE-2022-27212 was published for org.jenkins-ci.plugins:list-git-branches-parameter (Maven) Mar 16, 2022
NotMyFault
Cross-site Scripting in Nacos Moderate
CVE-2021-44667 was published for com.alibaba.nacos:nacos-common (Maven) Mar 12, 2022
achibear
Cross-site Scripting in jeecg-boot Moderate
CVE-2021-44585 was published for org.jeecgframework.boot:jeecg-boot-base (Maven) Mar 11, 2022
Liferay Portal and Liferay DXP vulnerable to cross-site scripting (XSS) Moderate
CVE-2021-38265 was published for com.liferay.portal:release.dxp.bom (Maven) Mar 4, 2022
Liferay Portal and Liferay DXP vulnerable to cross-site scripting (XSS) in the Gogo Shell module Moderate
CVE-2021-38269 was published for com.liferay.portal:release.dxp.bom (Maven) Mar 4, 2022
Liferay Portal and Liferay DXP cross-site scripting (XSS) vulnerability via the script console Moderate
CVE-2021-38263 was published for com.liferay.portal:release.dxp.bom (Maven) Mar 4, 2022
Liferay Portal and Liferay DXP vulnerable to cross-site scripting (XSS) in edit blog entry page Moderate
CVE-2021-38267 was published for com.liferay.portal:release.dxp.bom (Maven) Mar 4, 2022
Liferay Portal vulnerable to cross-site scripting (XSS) via the keywords parameter Moderate
CVE-2021-38264 was published for com.liferay:com.liferay.frontend.taglib.clay (Maven) Mar 4, 2022
Withdrawn: Cross-site Scripting in Kibana Moderate
CVE-2022-23710 was published for org.elasticsearch:elasticsearch (Maven) Mar 4, 2022 withdrawn
jkakavas
Cross-site Scripting in Apache JSPWiki Moderate
CVE-2022-24948 was published for org.apache.jspwiki:jspwiki-main (Maven) Feb 26, 2022
Stored XSS vulnerability in Jenkins Generic Webhook Trigger Plugin Moderate
CVE-2022-25185 was published for org.jenkins-ci.plugins:generic-webhook-trigger (Maven) Feb 16, 2022
NotMyFault
Stored Cross-site Scripting vulnerability in Jenkins Promoted Builds (Simple) Plugin Moderate
CVE-2022-25202 was published for org.jenkins-ci.plugins:promoted-builds-simple (Maven) Feb 16, 2022
NotMyFault
Stored Cross-site Scripting vulnerability in Jenkins Team Views Plugin Moderate
CVE-2022-25203 was published for com.sonymobile.jenkins.plugins.teamviews:team-views (Maven) Feb 16, 2022
NotMyFault
Cross-site scripting in json-sanitizer Moderate
CVE-2020-13973 was published for com.mikesamuel:json-sanitizer (Maven) Feb 10, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database