GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
311 advisories
Filter by severity
Improper Restriction of XML External Entity Reference in Stanford CoreNLP
Critical
CVE-2021-3878
was published
for
edu.stanford.nlp:stanford-corenlp
(Maven)
May 24, 2022
XXE vulnerability in Jenkins Nested View Plugin
High
CVE-2021-21680
was published
for
org.jenkins-ci.plugins:nested-view
(Maven)
May 24, 2022
XXE vulnerability in Jenkins Generic Webhook Trigger Plugin
Critical
CVE-2021-21669
was published
for
org.jenkins-ci.plugins:generic-webhook-trigger
(Maven)
May 24, 2022
SilverStripe XXE Vulnerability in CSSContentParser
Moderate
CVE-2020-25817
was published
for
silverstripe/framework
(Composer)
May 24, 2022
XML external entity vulnerability in Jenkins Nuget Plugin
Critical
CVE-2021-21658
was published
for
org.jenkins-ci.plugins:nuget
(Maven)
May 24, 2022
XXE vulnerability in Jenkins URLTrigger Plugin
High
CVE-2021-21659
was published
for
org.jenkins-ci.plugins:urltrigger
(Maven)
May 24, 2022
XXE vulnerability in Jenkins Filesystem Trigger Plugin
High
CVE-2021-21657
was published
for
org.jenkins-ci.plugins:fstrigger
(Maven)
May 24, 2022
XML External Entity Reference vulnerability in Jenkins Config File Provider Plugin
High
CVE-2021-21642
was published
for
org.jenkins-ci.plugins:config-file-provider
(Maven)
May 24, 2022
XXE vulnerability in Jenkins CVS Plugin
High
CVE-2020-2324
was published
for
org.jenkins-ci.plugins:cvs
(Maven)
May 24, 2022
XXE vulnerability in Jenkins Visualworks Store Plugin
Moderate
CVE-2020-2315
was published
for
org.jenkins-ci.plugins:visualworks-store
(Maven)
May 24, 2022
XXE vulnerability in Jenkins Mercurial Plugin
Moderate
CVE-2020-2305
was published
for
org.jenkins-ci.plugins:mercurial
(Maven)
May 24, 2022
XXE vulnerability in Jenkins Subversion Plugin
Moderate
CVE-2020-2304
was published
for
org.jenkins-ci.plugins:subversion
(Maven)
May 24, 2022
XXE vulnerability in Jenkins Nerrvana Plugin
Moderate
CVE-2020-2298
was published
for
org.jenkins-ci.plugins:nerrvana-plugin
(Maven)
May 24, 2022
XXE vulnerability in Jenkins Liquibase Runner Plugin
High
CVE-2020-2284
was published
for
org.jenkins-ci.plugins:liquibase-runner
(Maven)
May 24, 2022
DotPlant2 Improper Restriction of XML External Entity Reference
High
CVE-2020-25750
was published
for
devgroup/dotplant
(Composer)
May 24, 2022
XXE vulnerability in Jenkins Klocwork Analysis Plugin
High
CVE-2020-2247
was published
for
org.jenkins-ci.plugins:klocwork
(Maven)
May 24, 2022
XXE vulnerability in Jenkins Valgrind Plugin
High
CVE-2020-2245
was published
for
org.jenkins-ci.plugins:valgrind
(Maven)
May 24, 2022
OpenStack Nova Live migration fails to update persistent domain XML
High
CVE-2020-17376
was published
for
nova
(pip)
May 24, 2022
XXE vulnerability in Jenkins Parasoft Findings Plugin
High
CVE-2020-2178
was published
for
com.parasoft:parasoft-findings
(Maven)
May 24, 2022
XXE vulnerability in Jenkins Code Coverage API Plugin
High
CVE-2020-2172
was published
for
io.jenkins.plugins:code-coverage-api
(Maven)
May 24, 2022
Improper Restriction of XML External Entity Reference in Mulesoft APIkit
Critical
CVE-2020-10991
was published
for
rg.mule.modules:mule-apikit-module
(Maven)
May 24, 2022
XXE vulnerability in Jenkins RapidDeploy Plugin
High
CVE-2020-2171
was published
for
org.jenkins-ci.plugins:rapiddeploy-jenkins
(Maven)
May 24, 2022
AutoUpdater.NET allows XXE
Critical
CVE-2019-20627
was published
for
Autoupdater.NET.Official
(NuGet)
May 24, 2022
XXE vulnerability in Jenkins Cobertura Plugin
High
CVE-2020-2138
was published
for
org.jenkins-ci.plugins:cobertura
(Maven)
May 24, 2022
XXE vulnerability in Rundeck Plugin
High
CVE-2020-2144
was published
for
org.jenkins-ci.plugins:rundeck
(Maven)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API