GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
224 advisories
Filter by severity
XXE vulnerability in Jenkins Visualworks Store Plugin
Moderate
CVE-2020-2315
was published
for
org.jenkins-ci.plugins:visualworks-store
(Maven)
May 24, 2022
XXE vulnerability in Jenkins Subversion Plugin
Moderate
CVE-2020-2304
was published
for
org.jenkins-ci.plugins:subversion
(Maven)
May 24, 2022
XXE vulnerability in Jenkins Mercurial Plugin
Moderate
CVE-2020-2305
was published
for
org.jenkins-ci.plugins:mercurial
(Maven)
May 24, 2022
XXE vulnerability in Jenkins Nerrvana Plugin
Moderate
CVE-2020-2298
was published
for
org.jenkins-ci.plugins:nerrvana-plugin
(Maven)
May 24, 2022
XXE vulnerability in Jenkins Liquibase Runner Plugin
High
CVE-2020-2284
was published
for
org.jenkins-ci.plugins:liquibase-runner
(Maven)
May 24, 2022
XXE vulnerability in Jenkins Klocwork Analysis Plugin
High
CVE-2020-2247
was published
for
org.jenkins-ci.plugins:klocwork
(Maven)
May 24, 2022
XXE vulnerability in Jenkins Valgrind Plugin
High
CVE-2020-2245
was published
for
org.jenkins-ci.plugins:valgrind
(Maven)
May 24, 2022
XXE vulnerability in Jenkins Parasoft Findings Plugin
High
CVE-2020-2178
was published
for
com.parasoft:parasoft-findings
(Maven)
May 24, 2022
XXE vulnerability in Jenkins Code Coverage API Plugin
High
CVE-2020-2172
was published
for
io.jenkins.plugins:code-coverage-api
(Maven)
May 24, 2022
Improper Restriction of XML External Entity Reference in Mulesoft APIkit
Critical
CVE-2020-10991
was published
for
rg.mule.modules:mule-apikit-module
(Maven)
May 24, 2022
XXE vulnerability in Jenkins RapidDeploy Plugin
High
CVE-2020-2171
was published
for
org.jenkins-ci.plugins:rapiddeploy-jenkins
(Maven)
May 24, 2022
XXE vulnerability in Rundeck Plugin
High
CVE-2020-2144
was published
for
org.jenkins-ci.plugins:rundeck
(Maven)
May 24, 2022
XXE vulnerability in Jenkins Cobertura Plugin
High
CVE-2020-2138
was published
for
org.jenkins-ci.plugins:cobertura
(Maven)
May 24, 2022
XXE vulnerability in FitNesse Plugin
High
CVE-2020-2120
was published
for
org.jenkins-ci.plugins:fitnesse
(Maven)
May 24, 2022
XXE vulnerability in NUnit Plugin
High
CVE-2020-2115
was published
for
org.jenkins-ci.plugins:nunit
(Maven)
May 24, 2022
XXE vulnerability in Jenkins WebSphere Deployer Plugin
High
CVE-2020-2108
was published
for
org.jenkins-ci.plugins:websphere-deployer
(Maven)
May 24, 2022
XXE vulnerability in Jenkins Robot Framework Plugin
High
CVE-2020-2092
was published
for
org.jenkins-ci.plugins:robot
(Maven)
May 24, 2022
XML external entity (XXE) vulnerability in Jenkins
High
CVE-2015-1809
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 24, 2022
Jenkins Maven Release Plug-in Plugin XXE vulnerability
High
CVE-2019-16549
was published
for
org.jenkins-ci.plugins.m2release:m2release
(Maven)
May 24, 2022
Improper Restriction of XML External Entity Reference in Apache POI
Moderate
CVE-2019-12415
was published
for
org.apache.poi:poi
(Maven)
May 24, 2022
Jenkins 360 FireLine Plugin vulnerable to XML External Entity Reference
High
CVE-2019-10466
was published
for
org.jenkins-ci.plugins.plugin:fireline
(Maven)
May 24, 2022
Improper Restriction of XML External Entity Reference Jenkins Token Macro Plugin
High
CVE-2019-10337
was published
for
org.jenkins-ci.plugins:token-macro
(Maven)
May 24, 2022
Jenkins Self-Organizing Swarm Plug-in Modules Plugin XXE vulnerability via UDP broadcast response
Moderate
CVE-2019-10309
was published
for
org.jenkins-ci.plugins:swarm
(Maven)
May 24, 2022
XML External Entity Reference in Jenkins Storable Configs Plugin
High
CVE-2022-30971
was published
for
org.jvnet.hudson.plugins:storable-configs-plugin
(Maven)
May 18, 2022
Improper Restriction of XML External Entity Reference in Apache Solr
High
CVE-2012-6612
was published
for
org.apache.solr:solr-core
(Maven)
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API