Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

335 advisories

Loading
Time-of-check Time-of-use (TOCTOU) Race Condition in Jenkins Moderate
CVE-2021-21615 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Password stored in plain text by Applatix Plugin Moderate
CVE-2020-2133 was published for com.applatix.jenkins:applatix (Maven) May 24, 2022
NotMyFault
Reflected XSS vulnerability in Jenkins AWSEB Deployment Plugin Moderate
CVE-2020-2174 was published for br.com.ingenieux.jenkins.plugins:awseb-deployment-plugin (Maven) May 24, 2022
NotMyFault
CSRF vulnerability in Jenkins Flaky Test Handler Plugin Moderate
CVE-2020-2237 was published for org.jenkins-ci.plugins:flaky-test-handler (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Jenkins ECharts API Plugin Moderate
CVE-2020-2194 was published for io.jenkins.plugins:echarts-api (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Jenkins ECharts API Plugin Moderate
CVE-2020-2193 was published for io.jenkins.plugins:echarts-api (Maven) May 24, 2022
NotMyFault
XSS vulnerability in Jenkins useMango Runner Plugin Moderate
CVE-2020-2176 was published for it.infuse.jenkins:usemango-runner (Maven) May 24, 2022
NotMyFault
Content-Security-Policy protection for user content disabled by Jenkins ZAP Pipeline Plugin Moderate
CVE-2020-2214 was published for com.vrondakis.zap:zap-pipeline (Maven) May 24, 2022
NotMyFault
CSRF vulnerability in Jenkins Zephyr for JIRA Test Management Plugin Moderate
CVE-2020-2215 was published for org.jenkins-ci.plugins:zephyr-for-jira-test-management (Maven) May 24, 2022
NotMyFault
Missing permission check in Perfecto Plugin Moderate
CVE-2020-2260 was published for io.jenkins.plugins:perfecto (Maven) May 24, 2022
NotMyFault
Arbitrary file read vulnerability in Copy data to workspace Jenkins Plugin Moderate
CVE-2020-2275 was published for org.jvnet.hudson.plugins:copy-data-to-workspace-plugin (Maven) May 24, 2022
NotMyFault
Missing permission checks in MongoDB Plugin Moderate
CVE-2020-2267 was published for org.jenkins-ci.plugins:mongodb (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Jenkins Link Column Plugin Moderate
CVE-2020-2219 was published for org.jenkins-ci.plugins:link-column (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Jenkins Sonargraph Integration Plugin Moderate
CVE-2020-2201 was published for org.jenkins-ci.plugins:sonargraph-integration (Maven) May 24, 2022
NotMyFault
Reflected XSS in Jenkins Compatibility Action Storage Plugin Moderate
CVE-2020-2217 was published for org.jenkins-ci.plugins:compatibility-action-storage (Maven) May 24, 2022
NotMyFault
Missing Authorization in Jenkins Deployment Dashboard Plugin Moderate
CVE-2022-34798 was published for org.jenkins-ci.plugins:ec2-deployment-dashboard (Maven) Jul 1, 2022
NotMyFault
Cross-Site Request Forgery in Jenkins Deployment Dashboard Plugin Moderate
CVE-2022-34797 was published for org.jenkins-ci.plugins:ec2-deployment-dashboard (Maven) Jul 1, 2022
NotMyFault
Missing permission check in Jenkins OpenShift Deployer Plugin Moderate
CVE-2022-36907 was published for org.jenkins-ci.plugins:openshift-deployer (Maven) Jul 28, 2022
NotMyFault
CSRF vulnerability and mM Moderate
CVE-2022-41246 was published for org.jenkins-ci.plugins:ws-execution-manager (Maven) Sep 22, 2022
NotMyFault
CSRF vulnerability in Jenkins OpenShift Deployer Plugin Moderate
CVE-2022-36908 was published for org.jenkins-ci.plugins:openshift-deployer (Maven) Jul 28, 2022
NotMyFault
CSRF vulnerability in Jenkins OpenShift Deployer Plugin Moderate
CVE-2022-36906 was published for org.jenkins-ci.plugins:openshift-deployer (Maven) Jul 28, 2022
NotMyFault
Incorrect Authorization in Jenkins Request Rename Or Delete Plugin Moderate
CVE-2022-34814 was published for org.jenkins-ci.plugins:rrod (Maven) Jul 1, 2022
NotMyFault
Incorrect Authorization in Jenkins requests-plugin Moderate
CVE-2022-34782 was published for org.jenkins-ci.plugins:requests (Maven) Jul 1, 2022
NotMyFault
Missing Authorization in Jenkins XPath Configuration Viewer Plugin Moderate
CVE-2022-34811 was published for org.jenkins-ci.plugins:xpath-config-viewer (Maven) Jul 1, 2022
NotMyFault
CSRF vulnerability in Jenkins XebiaLabs XL Release Plugin allow capturing credentials Moderate
CVE-2022-34780 was published for com.xebialabs.ci:xlrelease-plugin (Maven) Jul 1, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database