GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
624 advisories
Filter by severity
CSRF vulnerability in Jenkins Flaky Test Handler Plugin
Moderate
CVE-2020-2237
was published
for
org.jenkins-ci.plugins:flaky-test-handler
(Maven)
May 24, 2022
XXE vulnerability in Jenkins Klocwork Analysis Plugin
High
CVE-2020-2247
was published
for
org.jenkins-ci.plugins:klocwork
(Maven)
May 24, 2022
Reflected XSS vulnerability in Jenkins AWSEB Deployment Plugin
Moderate
CVE-2020-2174
was published
for
br.com.ingenieux.jenkins.plugins:awseb-deployment-plugin
(Maven)
May 24, 2022
OS command injection in CryptoMove Plugin
High
CVE-2020-2159
was published
for
io.jenkins.plugins:cryptomove
(Maven)
May 24, 2022
Remote Code Execution vulnerability in Jenkins Literate Plugin
High
CVE-2020-2158
was published
for
org.jenkins-ci.plugins:literate
(Maven)
May 24, 2022
Password stored in plain text by Applatix Plugin
Moderate
CVE-2020-2133
was published
for
com.applatix.jenkins:applatix
(Maven)
May 24, 2022
Credentials transmitted in plain text by Jenkins DeployHub Plugin
Low
CVE-2020-2156
was published
for
com.openmake:deployhub
(Maven)
May 24, 2022
Credentials transmitted in plain text by Skytap Cloud CI Plugin
Low
CVE-2020-2157
was published
for
org.jenkins-ci.plugins:skytap
(Maven)
May 24, 2022
Time-of-check Time-of-use (TOCTOU) Race Condition in Jenkins
Moderate
CVE-2021-21615
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 24, 2022
Missing permission check in Coverity Plugin allows capturing credentials
High
CVE-2022-36921
was published
for
org.jenkins-ci.plugins:coverity
(Maven)
Jul 28, 2022
CSRF vulnerability in Jenkins Google Cloud Backup Plugin
Moderate
CVE-2022-36916
was published
for
org.jenkins-ci.plugins:google-cloud-backup
(Maven)
Jul 28, 2022
Missing permission check in Jenkins OpenShift Deployer Plugin
Moderate
CVE-2022-36909
was published
for
org.jenkins-ci.plugins:openshift-deployer
(Maven)
Jul 28, 2022
Jenkins Coverity Plugin vulnerable to cross-site request forgery (CSRF)
High
CVE-2022-36920
was published
for
org.jenkins-ci.plugins:coverity
(Maven)
Jul 28, 2022
Missing permission checks in Jenkins openstack-heat Plugin
Moderate
CVE-2022-36912
was published
for
org.jenkins-ci.plugins:openstack-heat
(Maven)
Jul 28, 2022
CSRF vulnerability in Jenkins openstack-heat Plugin
Moderate
CVE-2022-36911
was published
for
org.jenkins-ci.plugins:openstack-heat
(Maven)
Jul 28, 2022
OS command injection vulnerability in Jenkins Play Framework Plugin
High
CVE-2020-2200
was published
for
org.jenkins-ci.plugins:play-autotest-plugin
(Maven)
May 24, 2022
Arbitrary file read vulnerability in Jenkins Persona Plugin
Moderate
CVE-2020-2293
was published
for
org.jenkins-ci.plugins:persona
(Maven)
May 24, 2022
Reflected XSS vulnerability in Jenkins gitlab-hook Plugin
Moderate
CVE-2020-2096
was published
for
org.jenkins-ci.ruby-plugins:gitlab-hook
(Maven)
May 24, 2022
Missing permission checks in Jenkins Sounds Plugin allow OS command execution
High
CVE-2020-2097
was published
for
org.jenkins-ci.plugins:sounds
(Maven)
May 24, 2022
CSRF vulnerability in Jenkins Sounds Plugin allow OS command execution
High
CVE-2020-2098
was published
for
org.jenkins-ci.plugins:sounds
(Maven)
May 24, 2022
XSS vulnerability in Jenkins Subversion Partial Release Manager Plugin
Moderate
CVE-2020-2199
was published
for
org.jenkins-ci.plugins:svn-partial-release-mgr
(Maven)
May 24, 2022
CSRF vulnerability in Jenkins Shared Objects Plugin
Moderate
CVE-2020-2296
was published
for
org.jenkins-ci.plugins:shared-objects
(Maven)
May 24, 2022
Jenkins Quality Gates Plugin transmits credentials in plain text during configuration
Low
CVE-2020-2151
was published
for
org.jenkins-ci.plugins:quality-gates
(Maven)
May 24, 2022
Jenkins Subversion Release Manager Plugin vulnerable to cross-site scripting (XSS)
Moderate
CVE-2020-2152
was published
for
org.jvnet.hudson.plugins:svn-release-mgr
(Maven)
May 24, 2022
Jenkins Sonar Quality Gates Plugin transmits credentials in plain text during configuration
Low
CVE-2020-2150
was published
for
org.jenkins-ci.plugins:sonar-quality-gates
(Maven)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API