GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,016
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
81 advisories
Filter by severity
SimpleSAMLphp SAML2 has an XXE in parsing SAML messages
Moderate
CVE-2024-52806
was published
for
simplesamlphp/saml2
(Composer)
Dec 2, 2024
Apache XML Graphics FOP XML External Entity Reference ('XXE') vulnerability
Moderate
CVE-2024-28168
was published
for
org.apache.xmlgraphics:fop-core
(Maven)
Oct 9, 2024
ClassGraph XML External Entity Reference
Moderate
CVE-2021-47621
was published
for
io.github.classgraph:classgraph
(Maven)
Jun 21, 2024
Apache Zeppelin SAP: connecting to a malicious SAP server allowed it to perform XXE
Moderate
CVE-2022-47894
was published
for
org.apache.zeppelin:sap
(Maven)
Apr 9, 2024
Apache Ambari XML External Entity injection
Moderate
CVE-2023-50380
was published
for
org.apache.ambari.contrib.views:wfmanager
(Maven)
Feb 27, 2024
Qualys Jenkins Plugin for Policy Compliance XML External Entity vulnerability
Moderate
CVE-2023-6147
was published
for
com.qualys.plugins:qualys-pc
(Maven)
Jan 9, 2024
Qualys Jenkins Plugin for WAS XML External Entity vulnerability
Moderate
CVE-2023-6149
was published
for
com.qualys.plugins:qualys-was
(Maven)
Jan 9, 2024
WSO2 products vulnerable to XML External Entity attack
Moderate
CVE-2023-6836
was published
for
org.wso2.am:wso2am
(Maven)
Dec 15, 2023
Duplicate Advisory: Eclipse IDE XXE in eclipse.platform
Moderate
GHSA-cc4w-3cff-j8fw
was published
for
org.eclipse.platform:eclipse.platform
(Maven)
Nov 9, 2023
•
withdrawn
svg_optimizer rubygem external XML entity (XXE) vulnerability
Moderate
CVE-2023-46035
was published
for
svg_optimizer
(RubyGems)
Oct 20, 2023
codehaus-plexus vulnerable to XML injection
Moderate
CVE-2022-4245
was published
for
org.codehaus.plexus:plexus-utils
(Maven)
Sep 25, 2023
Path traversal allows exploiting XXE vulnerability in Jenkins Job Configuration History Plugin
Moderate
CVE-2023-41932
was published
for
org.jenkins-ci.plugins:jobConfigHistory
(Maven)
Sep 6, 2023
DDFFileParser is vulnerable to XXE Attacks
Moderate
CVE-2023-41034
was published
for
org.eclipse.leshan:leshan-core
(Maven)
Aug 31, 2023
Esoteric YamlBeans XML Entity Expansion vulnerability
Moderate
CVE-2023-24620
was published
for
com.esotericsoftware.yamlbeans:yamlbeans
(Maven)
Aug 25, 2023
XML External Entity (XXE) vulnerability in the XML data handler
Moderate
CVE-2023-38490
was published
for
getkirby/cms
(Composer)
Jul 28, 2023
Jenkins External Monitor Job Type Plugin XML external entity vulnerability
Moderate
CVE-2023-37942
was published
for
org.jenkins-ci.plugins:external-monitor-job
(Maven)
Jul 12, 2023
XML External Entity (XXE) vulnerability in apoc.import.graphml
Moderate
GHSA-9vx8-f5c4-862x
was published
for
org.neo4j.procedure:apoc
(Maven)
Feb 24, 2023
XML External Entity (XXE) vulnerability in apoc.import.graphml
Moderate
CVE-2023-23926
was published
for
org.neo4j.procedure:apoc-core
(Maven)
Feb 16, 2023
OpenStack Swift XML external entities (XXE) Injection
Moderate
CVE-2022-47950
was published
for
swift
(pip)
Jan 18, 2023
XML External Entity Reference in Jenkins Violations Plugin
Moderate
CVE-2022-45386
was published
for
org.jenkins-ci.plugins:violations
(Maven)
Nov 16, 2022
XXE vulnerability on agents in Jenkins OSF Builder Suite : : XML Linter Plugin
Moderate
CVE-2022-45397
was published
for
org.jenkins-ci:update-center2
(Maven)
Nov 16, 2022
XXE vulnerability on agents in Jenkins SourceMonitor Plugin
Moderate
CVE-2022-45396
was published
for
com.thalesgroup.hudson.plugins:sourcemonitor
(Maven)
Nov 16, 2022
Concrete CMS vulnerable to XML External Entity
Moderate
CVE-2022-43689
was published
for
concrete5/concrete5
(Composer)
Nov 15, 2022
Jenkins RQM Plugin vulnerable to Improper Restriction of XML External Entity Reference
Moderate
CVE-2022-41241
was published
for
net.praqma:rqm-plugin
(Maven)
Sep 22, 2022
mofh Vulnerable to Improper Restriction of XML External Entity Reference
Moderate
GHSA-7r9x-qrpr-3cxw
was published
for
mofh
(pip)
Aug 11, 2022
ProTip!
Advisories are also available from the
GraphQL API