Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

140 advisories

Loading
Storing Password in Local Storage Moderate
GHSA-wvh7-5p38-2qfc was published for parse (npm) Jul 23, 2020
dplewis pocketcolin
Personal tokens stored in plain text by Jenkins incapptic connect uploader Plugin Moderate
CVE-2022-27218 was published for com.incapptic.plugins:incapptic-connect-uploader (Maven) Mar 16, 2022
NotMyFault
Plaintext storage in Jenkins instant-messaging Plugin Moderate
CVE-2022-28135 was published for org.jvnet.hudson.plugins:instant-messaging (Maven) Mar 30, 2022
NotMyFault
Jenkins jira-ext Plugin stores credentials unencrypted High
CVE-2019-10302 was published for org.jenkins-ci.plugins:jira-ext (Maven) May 24, 2022
Plaintext Storage of a Password in Jenkins Configuration as Code Plugin Moderate
CVE-2019-10345 was published for io.jenkins:configuration-as-code (Maven) May 24, 2022
DingTalk Plugin stores credentials in plain text Low
CVE-2019-10433 was published for io.jenkins.plugins:dingding-notifications (Maven) May 24, 2022
Jenkins LDAP Email Plugin shows plain text password in configuration form Low
CVE-2019-10434 was published for com.mtvi.plateng.hudson:ldapemail (Maven) May 24, 2022
Plaintext Storage in Jenkins Spira Importer Plugin Low
CVE-2019-16543 was published for com.inflectra.spiratest.plugins:inflectra-spira-integration (Maven) May 24, 2022
Jenkins Weibo Plugin stores credentials unencrypted in its global configuration file Low
CVE-2019-16572 was published for org.jenkins-ci.plugins:weibo (Maven) May 24, 2022
Fortify Plugin stored credentials in plain text Moderate
CVE-2020-2107 was published for org.jenkins-ci.plugins:fortify (Maven) May 24, 2022
NotMyFault
Client secret transmitted in plain text by Azure AD Plugin Low
CVE-2020-2119 was published for org.jenkins-ci.plugins:azure-ad (Maven) May 24, 2022
NotMyFault
Password stored in plain text by Parasoft Environment Manager Plugin Moderate
CVE-2020-2132 was published for com.parasoft:environment-manager (Maven) May 24, 2022
NotMyFault
Credentials stored in plain text by debian-package-builder Plugin Low
CVE-2020-2125 was published for ru.yandex.jenkins.plugins.debuilder:debian-package-builder (Maven) May 24, 2022
NotMyFault
Password stored in plain text by Dynamic Extended Choice Parameter Plugin Moderate
CVE-2020-2124 was published for com.moded.extendedchoiceparameter:dynamic_extended_choice_parameter (Maven) May 24, 2022
NotMyFault
Credential stored in plain text by BMC Release Package and Deployment Plugin Low
CVE-2020-2127 was published for RPD:bmc-rpd (Maven) May 24, 2022
NotMyFault
Password stored in plain text by ECX Copy Data Management Plugin Moderate
CVE-2020-2128 was published for com.catalogic.ecxjenkins:catalogic-ecx (Maven) May 24, 2022
NotMyFault
Plaintext Storage of a Password in Jenkins Eagle Tester Plugin Moderate
CVE-2020-2129 was published for com.mobileenerlytics.eagle.tester:eagle-tester (Maven) May 24, 2022
Token stored in plain text by DigitalOcean Plugin Low
CVE-2020-2126 was published for com.dubture.jenkins:digitalocean-plugin (Maven) May 24, 2022
NotMyFault
Password stored in plain text by Applatix Plugin Moderate
CVE-2020-2133 was published for com.applatix.jenkins:applatix (Maven) May 24, 2022
NotMyFault
Passwords stored in plain text by Harvest SCM Plugin Moderate
CVE-2020-2131 was published for org.jenkins-ci.plugins:harvest (Maven) May 24, 2022
NotMyFault
Passwords stored in plain text by Harvest SCM Plugin Moderate
CVE-2020-2130 was published for org.jenkins-ci.plugins:harvest (Maven) May 24, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API