GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
1,935 advisories
ballcat-codegen template engine remote code execution injection
High
CVE-2022-24881
was published
for
com.hccake:ballcat-codegen
(Maven)
Apr 27, 2022
OutOfMemory Exception by specifically crafted processing instruction in NekoHtml Parser
High
CVE-2022-29546
was published
for
net.sourceforge.htmlunit:neko-htmlunit
(Maven)
Apr 26, 2022
Improper Input Validation in GeoServer
High
CVE-2022-24847
was published
for
org.geoserver:gs-main
(Maven)
Apr 22, 2022
Selenium Server (Grid) CSRF
High
CVE-2022-28108
was published
for
org.seleniumhq.selenium:selenium-grid
(Maven)
Apr 20, 2022
Improper handling of case sensitivity in Spring Framework
High
CVE-2022-22968
was published
for
org.springframework:spring-context
(Maven)
Apr 15, 2022
Stored Cross-site Scripting vulnerability in Jenkins Gerrit Trigger Plugin
High
CVE-2022-29039
was published
for
com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger
(Maven)
Apr 13, 2022
Untrusted users can modify some Pipeline libraries in Jenkins Pipeline: Deprecated Groovy Libraries Plugin
High
CVE-2022-29047
was published
for
org.jenkins-ci.plugins.workflow:workflow-cps-global-lib
(Maven)
Apr 13, 2022
Stored Cross-site Scripting vulnerability in Jenkins Promoted Builds Plugin
High
CVE-2022-29045
was published
for
org.jenkins-ci.plugins:promoted-builds
(Maven)
Apr 13, 2022
CSRF vulnerability in Jenkins Publish Over FTP Plugin
High
CVE-2022-29050
was published
for
org.jenkins-ci.plugins:publish-over-ftp
(Maven)
Apr 13, 2022
Promotion names in Jenkins promoted builds Plugin are not validated when using Job DSL
High
CVE-2022-29049
was published
for
org.jenkins-ci.plugins:promoted-builds
(Maven)
Apr 13, 2022
XML External Entity Reference vulnerability in Jenkins Pipeline: Phoenix AutoTest Plugin
High
CVE-2022-28155
was published
for
com.surenpi.jenkins:phoenix-autotest
(Maven)
Mar 30, 2022
ProTip!
Advisories are also available from the
GraphQL API