GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
335 advisories
Filter by severity
CSRF vulnerability in Jenkins SWAMP Plugin allows capturing credentials
Moderate
CVE-2022-25212
was published
for
org.continuousassurance.swamp.jenkins:swamp
(Maven)
Feb 16, 2022
Missing permission check in Jenkins SWAMP Plugin allows capturing credentials
Moderate
CVE-2022-25211
was published
for
org.continuousassurance.swamp.jenkins:swamp
(Maven)
Feb 16, 2022
Private key stored in plain text by Jenkins Google Compute Engine Plugin
Moderate
CVE-2022-29052
was published
for
org.jenkins-ci.plugins:google-compute-engine
(Maven)
Apr 13, 2022
Jenkins Snow Commander Plugin 2.0 vulnerable to Cross-Site Request Forgery
Moderate
CVE-2022-25192
was published
for
io.jenkins.plugins:embotics-vcommander
(Maven)
Feb 16, 2022
Jenkins Snow Commander Plugin prior to 2.0 vulnerable to Missing Authorization
Moderate
CVE-2022-25193
was published
for
io.jenkins.plugins:embotics-vcommander
(Maven)
Feb 16, 2022
Fortify Plugin stored credentials in plain text
Moderate
CVE-2020-2107
was published
for
org.jenkins-ci.plugins:fortify
(Maven)
May 24, 2022
Buffer overflow in Jenkins WMI Windows Agents plugin
Moderate
CVE-2022-30950
was published
for
org.jenkins-ci.plugins:windows-slaves
(Maven)
May 18, 2022
CSRF vulnerability in Jenkins Script Security Plugin
Moderate
CVE-2022-30946
was published
for
org.jenkins-ci.plugins:script-security
(Maven)
May 18, 2022
Missing Authorization in Jenkins WMI Windows Agents plugin
Moderate
CVE-2022-30951
was published
for
org.jenkins-ci.plugins:windows-slaves
(Maven)
May 18, 2022
CSRF vulnerability in Jenkins XebiaLabs XL Release Plugin allow capturing credentials
Moderate
CVE-2022-34780
was published
for
com.xebialabs.ci:xlrelease-plugin
(Maven)
Jul 1, 2022
Missing permission checks in Jenkins XebiaLabs XL Release Plugin allow enumerating credentials IDs
Moderate
CVE-2022-34779
was published
for
com.xebialabs.ci:xlrelease-plugin
(Maven)
Jul 1, 2022
Missing Authorization in Jenkins XPath Configuration Viewer Plugin
Moderate
CVE-2022-34811
was published
for
org.jenkins-ci.plugins:xpath-config-viewer
(Maven)
Jul 1, 2022
CSRF vulnerability in Jenkins OpenShift Deployer Plugin
Moderate
CVE-2022-36906
was published
for
org.jenkins-ci.plugins:openshift-deployer
(Maven)
Jul 28, 2022
Incorrect Authorization in Jenkins Request Rename Or Delete Plugin
Moderate
CVE-2022-34814
was published
for
org.jenkins-ci.plugins:rrod
(Maven)
Jul 1, 2022
Incorrect Authorization in Jenkins requests-plugin
Moderate
CVE-2022-34782
was published
for
org.jenkins-ci.plugins:requests
(Maven)
Jul 1, 2022
CSRF vulnerability in Jenkins OpenShift Deployer Plugin
Moderate
CVE-2022-36908
was published
for
org.jenkins-ci.plugins:openshift-deployer
(Maven)
Jul 28, 2022
CSRF vulnerability and mM
Moderate
CVE-2022-41246
was published
for
org.jenkins-ci.plugins:ws-execution-manager
(Maven)
Sep 22, 2022
Cross-Site Request Forgery in Jenkins Deployment Dashboard Plugin
Moderate
CVE-2022-34797
was published
for
org.jenkins-ci.plugins:ec2-deployment-dashboard
(Maven)
Jul 1, 2022
Missing Authorization in Jenkins Deployment Dashboard Plugin
Moderate
CVE-2022-34798
was published
for
org.jenkins-ci.plugins:ec2-deployment-dashboard
(Maven)
Jul 1, 2022
Missing permission check in Jenkins OpenShift Deployer Plugin
Moderate
CVE-2022-36907
was published
for
org.jenkins-ci.plugins:openshift-deployer
(Maven)
Jul 28, 2022
Reflected XSS in Jenkins Compatibility Action Storage Plugin
Moderate
CVE-2020-2217
was published
for
org.jenkins-ci.plugins:compatibility-action-storage
(Maven)
May 24, 2022
Stored XSS vulnerability in Jenkins Link Column Plugin
Moderate
CVE-2020-2219
was published
for
org.jenkins-ci.plugins:link-column
(Maven)
May 24, 2022
Stored XSS vulnerability in Jenkins Sonargraph Integration Plugin
Moderate
CVE-2020-2201
was published
for
org.jenkins-ci.plugins:sonargraph-integration
(Maven)
May 24, 2022
Missing permission checks in MongoDB Plugin
Moderate
CVE-2020-2267
was published
for
org.jenkins-ci.plugins:mongodb
(Maven)
May 24, 2022
Arbitrary file read vulnerability in Copy data to workspace Jenkins Plugin
Moderate
CVE-2020-2275
was published
for
org.jvnet.hudson.plugins:copy-data-to-workspace-plugin
(Maven)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API