GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,939
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
335 advisories
Filter by severity
CSRF vulnerability in MongoDB Plugin
Moderate
CVE-2020-2268
was published
for
org.jenkins-ci.plugins:mongodb
(Maven)
May 24, 2022
Incorrect permission check in Health Advisor by CloudBees Plugin
Moderate
CVE-2020-2258
was published
for
org.jenkins-ci.plugins:cloudbees-jenkins-advisor
(Maven)
May 24, 2022
Missing permission check in Blue Ocean Plugin
Moderate
CVE-2020-2255
was published
for
io.jenkins.blueocean:blueocean
(Maven)
May 24, 2022
Path traversal vulnerability in Blue Ocean Plugin
Moderate
CVE-2020-2254
was published
for
io.jenkins.blueocean:blueocean
(Maven)
May 24, 2022
Missing hostname validation in Email Extension Plugin
Moderate
CVE-2020-2253
was published
for
org.jenkins-ci.plugins:email-ext
(Maven)
May 24, 2022
Passwords stored in plain text by Jenkins ReadyAPI Functional Testing Plugin
Moderate
CVE-2020-2250
was published
for
org.jenkins-ci.plugins:soapui-pro-functional-testing
(Maven)
May 24, 2022
Passwords transmitted in plain text by Jenkins ReadyAPI Functional Testing Plugin
Moderate
CVE-2020-2251
was published
for
org.jenkins-ci.plugins:soapui-pro-functional-testing
(Maven)
May 24, 2022
Missing permission checks in Jenkins Database Plugin
Moderate
CVE-2020-2242
was published
for
org.jenkins-ci.plugins:database
(Maven)
May 24, 2022
CSRF vulnerability in Jenkins Database Plugin
Moderate
CVE-2020-2241
was published
for
org.jenkins-ci.plugins:database
(Maven)
May 24, 2022
CSRF vulnerability in Jenkins Flaky Test Handler Plugin
Moderate
CVE-2020-2237
was published
for
org.jenkins-ci.plugins:flaky-test-handler
(Maven)
May 24, 2022
Missing permission check in Jenkins Pipeline Maven Integration Plugin allows enumerating credentials IDs
Moderate
CVE-2020-2233
was published
for
org.jenkins-ci.plugins:pipeline-maven
(Maven)
May 24, 2022
Stored XSS vulnerability in Jenkins Link Column Plugin
Moderate
CVE-2020-2219
was published
for
org.jenkins-ci.plugins:link-column
(Maven)
May 24, 2022
CSRF vulnerability in Jenkins Zephyr for JIRA Test Management Plugin
Moderate
CVE-2020-2215
was published
for
org.jenkins-ci.plugins:zephyr-for-jira-test-management
(Maven)
May 24, 2022
Content-Security-Policy protection for user content disabled by Jenkins ZAP Pipeline Plugin
Moderate
CVE-2020-2214
was published
for
com.vrondakis.zap:zap-pipeline
(Maven)
May 24, 2022
Reflected XSS in Jenkins Compatibility Action Storage Plugin
Moderate
CVE-2020-2217
was published
for
org.jenkins-ci.plugins:compatibility-action-storage
(Maven)
May 24, 2022
Missing permission checks in Zephyr for JIRA Test Management Plugin
Moderate
CVE-2020-2216
was published
for
org.jenkins-ci.plugins:zephyr-for-jira-test-management
(Maven)
May 24, 2022
Reflected XSS vulnerability in Jenkins VncViewer Plugin
Moderate
CVE-2020-2207
was published
for
org.jenkins-ci.plugins:vncviewer
(Maven)
May 24, 2022
Missing permission checks in Jenkins Fortify on Demand Plugin
Moderate
CVE-2020-2204
was published
for
org.jenkins-ci.plugins:fortify-on-demand-uploader
(Maven)
May 24, 2022
Password stored in plain text by Jenkins TestComplete support Plugin
Moderate
CVE-2020-2209
was published
for
org.jenkins-ci.plugins:TestComplete
(Maven)
May 24, 2022
Secret stored in plain text by Jenkins Slack Upload Plugin
Moderate
CVE-2020-2208
was published
for
org.jenkins-ci.plugins:slack-uploader
(Maven)
May 24, 2022
Credentials stored in plain text by Jenkins White Source Plugin
Moderate
CVE-2020-2213
was published
for
org.jenkins-ci.plugins:whitesource
(Maven)
May 24, 2022
Secret stored in plain text by Jenkins GitHub Coverage Reporter Plugin
Moderate
CVE-2020-2212
was published
for
io.jenkins.plugins:github-coverage-reporter
(Maven)
May 24, 2022
Reflected XSS vulnerability in Jenkins VncRecorder Plugin
Moderate
CVE-2020-2206
was published
for
org.jenkins-ci.plugins:vncrecorder
(Maven)
May 24, 2022
CSRF vulnerability in Jenkins Fortify on Demand Plugin
Moderate
CVE-2020-2203
was published
for
org.jenkins-ci.plugins:fortify-on-demand-uploader
(Maven)
May 24, 2022
Users with Overall/Read access could enumerate credentials IDs in Jenkins Fortify on Demand Plugin
Moderate
CVE-2020-2202
was published
for
org.jenkins-ci.plugins:fortify-on-demand-uploader
(Maven)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API