Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

254 advisories

Loading
XXE vulnerability on agents in Jenkins SourceMonitor Plugin Moderate
CVE-2022-45396 was published for com.thalesgroup.hudson.plugins:sourcemonitor (Maven) Nov 16, 2022
NotMyFault
Credited to NotMyFault
XXE vulnerability on agents in Jenkins OSF Builder Suite : : XML Linter Plugin Moderate
CVE-2022-45397 was published for org.jenkins-ci:update-center2 (Maven) Nov 16, 2022
NotMyFault
Credited to NotMyFault
XXE vulnerability in Jenkins JAPEX Plugin High
CVE-2022-45400 was published for org.jvnet.hudson.plugins:japex (Maven) Nov 16, 2022
NotMyFault
Credited to NotMyFault
XXE vulnerability in Jenkins REPO Plugin High
CVE-2022-43415 was published for org.jenkins-ci.plugins:repo (Maven) Oct 19, 2022
NotMyFault
Credited to NotMyFault
XXE vulnerability in Jenkins Compuware Topaz for Total Test Plugin High
CVE-2022-43430 was published for com.compuware.jenkins:compuware-topaz-for-total-test (Maven) Oct 19, 2022
NotMyFault
Credited to NotMyFault
Apache SOAP's RPCRouterServlet allows reading of arbitrary files over HTTP High
CVE-2022-40705 was published for soap:soap (Maven) Sep 23, 2022
Jenkins Compuware Common Configuration Plugin vulnerable to Improper Restriction of XML External Entity Reference High
CVE-2022-41226 was published for com.compuware.jenkins:compuware-common-configuration (Maven) Sep 22, 2022
NotMyFault
Credited to NotMyFault
Jenkins RQM Plugin vulnerable to Improper Restriction of XML External Entity Reference Moderate
CVE-2022-41241 was published for net.praqma:rqm-plugin (Maven) Sep 22, 2022
NotMyFault
Credited to NotMyFault
Apache Calcite before 1.32.0 vulnerable to potential XML External Entity (XXE) attack Critical
CVE-2022-39135 was published for org.apache.calcite:calcite-core (Maven) Sep 12, 2022
Hudson XML API susceptible to External Entity Injection Vunerability prior to v3.3.2 Critical
CVE-2015-8031 was published for org.jvnet.hudson.main:hudson-core (Maven) Jul 15, 2022
XML External Entity Reference in Eclipse Lyo Moderate
CVE-2021-41042 was published for org.eclipse.lyo:lyo-parent (Maven) Jul 8, 2022
Insufficient user input in Apache Jetspeed-2 Critical
CVE-2022-32533 was published for org.apache.portals.jetspeed-2:jetspeed-commons (Maven) Jul 7, 2022
XML External Entity Reference in Jenkins Recipe Plugin High
CVE-2022-34793 was published for org.jenkins-ci.plugins:recipe (Maven) Jul 1, 2022
NotMyFault
Credited to NotMyFault
XML External Entity Reference in drools Critical
CVE-2021-41411 was published for org.drools:drools-core (Maven) Jun 17, 2022
wnicholson
Credited to wnicholson
HornetQ REST vulnerable to Improper Restriction of XML External Entity Reference Moderate
CVE-2014-3599 was published for org.hornetq.rest:hornetq-rest (Maven) May 24, 2022
XML External Entity processing vulnerability in Pipeline Maven Integration Jenkins Plugin High
CVE-2019-10327 was published for org.jenkins-ci.plugins:pipeline-maven (Maven) May 24, 2022
westonsteimel
Credited to westonsteimel
XXE vulnerability in Jenkins pom2config Plugin Moderate
CVE-2021-43576 was published for org.jenkins-ci.plugins:pom2config (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
XXE vulnerability in Jenkins Performance Plugin Moderate
CVE-2021-21701 was published for org.jenkins-ci.plugins:performance (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
XXE vulnerability in Jenkins OWASP Dependency-Check Plugin High
CVE-2021-43577 was published for org.jenkins-ci.plugins:dependency-check-jenkins-plugin (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Improper Restriction of XML External Entity Reference in Stanford CoreNLP High
CVE-2021-3869 was published for edu.stanford.nlp:stanford-corenlp (Maven) May 24, 2022
Improper Restriction of XML External Entity Reference in Stanford CoreNLP Critical
CVE-2021-3878 was published for edu.stanford.nlp:stanford-corenlp (Maven) May 24, 2022
XXE vulnerability in Jenkins Nested View Plugin High
CVE-2021-21680 was published for org.jenkins-ci.plugins:nested-view (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
XXE vulnerability in Jenkins Generic Webhook Trigger Plugin Critical
CVE-2021-21669 was published for org.jenkins-ci.plugins:generic-webhook-trigger (Maven) May 24, 2022
westonsteimel NotMyFault
Credited to westonsteimel and NotMyFault
XXE vulnerability in Jenkins URLTrigger Plugin High
CVE-2021-21659 was published for org.jenkins-ci.plugins:urltrigger (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
XXE vulnerability in Jenkins Filesystem Trigger Plugin High
CVE-2021-21657 was published for org.jenkins-ci.plugins:fstrigger (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
ProTip! Advisories are also available from the GraphQL API