Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,319
Erlang
31
GitHub Actions
21
Go
2,077
Maven
5,000+
npm
3,746
NuGet
674
pip
3,435
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

335 advisories

Loading
Missing permission checks in Health Advisor by CloudBees Plugin Moderate
CVE-2020-2094 was published for org.jenkins-ci.plugins:cloudbees-jenkins-advisor (Maven) May 24, 2022
NotMyFault
Redgate SQL Change Automation Plugin stored credentials in plain text Moderate
CVE-2020-2095 was published for com.redgate.plugins.redgatesqlci:redgate-sql-ci (Maven) May 24, 2022
NotMyFault
Reflected XSS vulnerability in Jenkins gitlab-hook Plugin Moderate
CVE-2020-2096 was published for org.jenkins-ci.ruby-plugins:gitlab-hook (Maven) May 24, 2022
NotMyFault
CSRF vulnerability in Health Advisor by CloudBees Plugin Moderate
CVE-2020-2093 was published for org.jenkins-ci.plugins:cloudbees-jenkins-advisor (Maven) May 24, 2022
NotMyFault
Missing permission checks in Jenkins Amazon EC2 Plugin Moderate
CVE-2020-2091 was published for org.jenkins-ci.plugins:ec2 (Maven) May 24, 2022
NotMyFault
Missing permission check in Jenkins Blue Ocean Plugin Moderate
CVE-2022-30954 was published for io.jenkins.blueocean:blueocean-parent (Maven) May 18, 2022
NotMyFault
Cross Site Request Forgery in Jenkins Blue Ocean Plugin Moderate
CVE-2022-30953 was published for io.jenkins.blueocean:blueocean-parent (Maven) May 18, 2022
NotMyFault
Missing Authorization in Jenkins WMI Windows Agents plugin Moderate
CVE-2022-30951 was published for org.jenkins-ci.plugins:windows-slaves (Maven) May 18, 2022
NotMyFault
Insufficiently Protected Credentials in Jenkins Pipeline SCM API for Blue Ocean Plugin Moderate
CVE-2022-30952 was published for io.jenkins.blueocean:blueocean-pipeline-scm-api (Maven) May 18, 2022
NotMyFault
Missing permission check in Jenkins GitLab Plugin Moderate
CVE-2022-30955 was published for org.jenkins-ci.plugins:gitlab-plugin (Maven) May 18, 2022
NotMyFault
Buffer overflow in Jenkins WMI Windows Agents plugin Moderate
CVE-2022-30950 was published for org.jenkins-ci.plugins:windows-slaves (Maven) May 18, 2022
NotMyFault
CSRF vulnerability in Jenkins Script Security Plugin Moderate
CVE-2022-30946 was published for org.jenkins-ci.plugins:script-security (Maven) May 18, 2022
NotMyFault
Stored Cross-site Scripting vulnerabilities in Jenkins Extended Choice Parameter Plugin Moderate
CVE-2022-29038 was published for org.jenkins-ci.plugins:extended-choice-parameter (Maven) Apr 13, 2022
NotMyFault
Stored Cross-site Scripting vulnerability in Jenkins Subversion Plugin Moderate
CVE-2022-29046 was published for org.jenkins-ci.plugins:subversion (Maven) Apr 13, 2022
NotMyFault
Stored Cross-site Scripting vulnerability in Jenkins Jira Plugin Moderate
CVE-2022-29041 was published for org.jenkins-ci.plugins:jira (Maven) Apr 13, 2022
NotMyFault
Stored Cross-site Scripting in Jenkins Mask Passwords Plugin Moderate
CVE-2022-29043 was published for org.jenkins-ci.plugins:mask-passwords (Maven) Apr 13, 2022
NotMyFault
Stored Cross-site Scripting vulnerability in Jenkins Job Generator Plugin Moderate
CVE-2022-29042 was published for org.jenkins-ci.plugins:jobgenerator (Maven) Apr 13, 2022
NotMyFault
CSRF vulnerability in Jenkins Subversion Plugin Moderate
CVE-2022-29048 was published for org.jenkins-ci.plugins:subversion (Maven) Apr 13, 2022
NotMyFault
Stored Cross-site Scripting in Jenkins Node and Label parameter Plugin Moderate
CVE-2022-29044 was published for org.jenkins-ci.plugins:nodelabelparameter (Maven) Apr 13, 2022
NotMyFault
Private key stored in plain text by Jenkins Google Compute Engine Plugin Moderate
CVE-2022-29052 was published for org.jenkins-ci.plugins:google-compute-engine (Maven) Apr 13, 2022
NotMyFault
SSL/TLS certificate validation globally disabled by Jenkins Proxmox Plugin Moderate
CVE-2022-28142 was published for org.jenkins-ci.plugins:proxmox (Maven) Mar 30, 2022
NotMyFault
Arbitrary file read vulnerability in Jenkins Continuous Integration with Toad Edge Plugin Moderate
CVE-2022-28146 was published for org.jenkins-ci.plugins:ci-with-toad-edge (Maven) Mar 30, 2022
NotMyFault
Stored XSS vulnerability in Jenkins Bitbucket Server Integration Plugin Moderate
CVE-2022-28133 was published for io.jenkins.plugins:atlassian-bitbucket-server-integration (Maven) Mar 30, 2022
NotMyFault
Missing permission check in Jenkins JiraTestResultReporter Plugin Moderate
CVE-2022-28137 was published for org.jenkins-ci.plugins:JiraTestResultReporter (Maven) Mar 30, 2022
NotMyFault
Missing permission checks in Jekins Bitbucket Server Integration Plugin Moderate
CVE-2022-28134 was published for io.jenkins.plugins:atlassian-bitbucket-server-integration (Maven) Mar 30, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database