Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,651
Erlang
34
GitHub Actions
26
Go
2,253
Maven
5,000+
npm
3,906
NuGet
703
pip
3,677
Pub
12
RubyGems
915
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

156 advisories

Loading
Stored Cross-site Scripting vulnerability in Jenkins Agent Server Parameter Plugin High
CVE-2022-25191 was published for io.jenkins.plugins:agent-server-parameter (Maven) Feb 16, 2022
NotMyFault
Cross site scripting in registration template in xwiki-platform High
CVE-2022-23622 was published for org.xwiki.platform:xwiki-platform-web-templates (Maven) Feb 9, 2022
Cross-Site Scripting High
CVE-2021-20293 was published for org.jboss.resteasy:resteasy-bom (Maven) Jun 15, 2021
Code injection in keycloak High
CVE-2021-20222 was published for org.keycloak:keycloak-parent (Maven) May 13, 2021
Reflected Cross-site Scripting in ACS Commons High
CVE-2021-21028 was published for com.adobe.acs:acs-aem-commons (Maven) Feb 2, 2021
RFD attack via Content-Disposition header sourced from request input by Spring MVC or Spring WebFlux Application High
CVE-2020-5398 was published for org.springframework:spring-webflux (Maven) Jan 21, 2020
briandealwis sunSUNQ
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database