Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

335 advisories

Loading
Credentials stored in plain text by Jenkins White Source Plugin Moderate
CVE-2020-2213 was published for org.jenkins-ci.plugins:whitesource (Maven) May 24, 2022
NotMyFault
Password stored in plain text by Jenkins TestComplete support Plugin Moderate
CVE-2020-2209 was published for org.jenkins-ci.plugins:TestComplete (Maven) May 24, 2022
NotMyFault
Secret stored in plain text by Jenkins GitHub Coverage Reporter Plugin Moderate
CVE-2020-2212 was published for io.jenkins.plugins:github-coverage-reporter (Maven) May 24, 2022
NotMyFault
Reflected XSS vulnerability in Jenkins VncRecorder Plugin Moderate
CVE-2020-2206 was published for org.jenkins-ci.plugins:vncrecorder (Maven) May 24, 2022
NotMyFault
Secret stored in plain text by Jenkins Slack Upload Plugin Moderate
CVE-2020-2208 was published for org.jenkins-ci.plugins:slack-uploader (Maven) May 24, 2022
NotMyFault
Passwords stored in plain text by Jenkins ReadyAPI Functional Testing Plugin Moderate
CVE-2020-2250 was published for org.jenkins-ci.plugins:soapui-pro-functional-testing (Maven) May 24, 2022
NotMyFault
Passwords transmitted in plain text by Jenkins ReadyAPI Functional Testing Plugin Moderate
CVE-2020-2251 was published for org.jenkins-ci.plugins:soapui-pro-functional-testing (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Jenkins Release Plugin Moderate
CVE-2020-2292 was published for org.jenkins-ci.plugins:release (Maven) May 24, 2022
NotMyFault
Missing permission checks in Jenkins Maven Cascade Release Plugin Moderate
CVE-2020-2294 was published for com.barchart.jenkins:maven-release-cascade (Maven) May 24, 2022
NotMyFault
CSRF vulnerability in Jenkins Maven Cascade Release Plugin Moderate
CVE-2020-2295 was published for com.barchart.jenkins:maven-release-cascade (Maven) May 24, 2022
NotMyFault
XXE vulnerability in Jenkins Nerrvana Plugin Moderate
CVE-2020-2298 was published for org.jenkins-ci.plugins:nerrvana-plugin (Maven) May 24, 2022
NotMyFault
Password written to the build log by Jenkins SQLPlus Script Runner Plugin Moderate
CVE-2020-2312 was published for org.jenkins-ci.plugins:sqlplus-script-runner (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Jenkins Static Analysis Utilities Plugin Moderate
CVE-2020-2316 was published for org.jvnet.hudson.plugins:analysis-core (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Jenkins FindBugs Plugin Moderate
CVE-2020-2317 was published for org.jvnet.hudson.plugins:findbugs (Maven) May 24, 2022
NotMyFault
Missing permission checks in Jenkins Chaos Monkey Plugin Moderate
CVE-2020-2323 was published for io.jenkins.plugins:chaos-monkey (Maven) May 24, 2022
NotMyFault
Credentials stored in plain text by Jenkins TraceTronic ECU-TEST Plugin Moderate
CVE-2021-21612 was published for de.tracetronic.jenkins.plugins:ecutest (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Jenkins Repository Connector Plugin Moderate
CVE-2021-21618 was published for org.jenkins-ci.plugins:repository-connector (Maven) May 24, 2022
NotMyFault
Cross-Site Request Forgery in the Jenkins Claim plugin Moderate
CVE-2021-21620 was published for org.jenkins-ci.plugins:claim (Maven) Jun 16, 2021
NotMyFault
XSS vulnerability in Jenkins Claim Plugin Moderate
CVE-2021-21619 was published for org.jenkins-ci.plugins:claim (Maven) May 24, 2022
NotMyFault
Passwords stored in plain text by ElasTest Plugin Moderate
CVE-2020-2274 was published for org.jenkins-ci.plugins:elastest (Maven) May 24, 2022
NotMyFault
Missing permission checks in Jenkins Warnings Next Generation Plugin allow listing workspace contents Moderate
CVE-2021-21626 was published for io.jenkins.plugins:warnings-ng (Maven) May 24, 2022
NotMyFault
Arbitrary file write vulnerability in Jenkins Storable Configs Plugin Moderate
CVE-2020-2278 was published for org.jvnet.hudson.plugins:storable-configs-plugin (Maven) May 24, 2022
NotMyFault
Arbitrary file read vulnerability in Jenkins Storable Configs Plugin Moderate
CVE-2020-2277 was published for org.jvnet.hudson.plugins:storable-configs-plugin (Maven) May 24, 2022
NotMyFault
CSRF vulnerability in Jenkins ElasTest Plugin Moderate
CVE-2020-2273 was published for org.jenkins-ci.plugins:elastest (Maven) May 24, 2022
NotMyFault
Missing permission check in Jenkins Team Foundation Server Plugin allows enumerating credentials IDs Moderate
CVE-2021-21636 was published for org.jenkins-ci.plugins:tfs (Maven) May 24, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database