Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

247 advisories

Loading
Missing permission checks in Jenkins Config File Provider Plugin allow enumerating configuration file IDs Moderate
CVE-2021-21645 was published for org.jenkins-ci.plugins:config-file-provider (Maven) May 24, 2022
NotMyFault
Missing permission checks in Micro Focus Application Automation Tools Plugin Moderate
CVE-2021-22513 was published for org.jenkins-ci.plugins:hp-application-automation-tools-plugin (Maven) May 24, 2022
NotMyFault
Missing permission checks in Jenkins OWASP Dependency-Track Plugin allow capturing credentials Moderate
CVE-2021-21632 was published for org.jenkins-ci.plugins:dependency-track (Maven) May 24, 2022
NotMyFault
Missing permission check in Jenkins Team Foundation Server Plugin allow capturing credentials Moderate
CVE-2021-21637 was published for org.jenkins-ci.plugins:tfs (Maven) May 24, 2022
NotMyFault
Missing permission check in Jenkins Team Foundation Server Plugin allows enumerating credentials IDs Moderate
CVE-2021-21636 was published for org.jenkins-ci.plugins:tfs (Maven) May 24, 2022
NotMyFault
Missing permission check in Jenkins Cloud Statistics Plugin Moderate
CVE-2021-21631 was published for org.jenkins-ci.plugins:cloud-stats (Maven) May 24, 2022
NotMyFault
Missing permission checks in Jenkins CloudBees AWS Credentials Plugin allows enumerating credentials IDs Moderate
CVE-2021-21625 was published for org.jenkins-ci.plugins:aws-credentials (Maven) May 24, 2022
NotMyFault
Missing permission checks in Jenkins Warnings Next Generation Plugin allow listing workspace contents Moderate
CVE-2021-21626 was published for io.jenkins.plugins:warnings-ng (Maven) May 24, 2022
NotMyFault
Missing permission checks in Jenkins Chaos Monkey Plugin Moderate
CVE-2020-2323 was published for io.jenkins.plugins:chaos-monkey (Maven) May 24, 2022
NotMyFault
Missing Authorization in Crafter CMS Moderate
CVE-2017-15680 was published for org.craftercms:crafter-core (Maven) May 24, 2022
Missing Authorization in Jenkins Kubernetes Plugin Moderate
CVE-2020-2308 was published for org.csanchez.jenkins.plugins:kubernetes (Maven) May 24, 2022
westonsteimel
Missing authorization in Jenkins Kubernetes Plugin Moderate
CVE-2020-2309 was published for org.csanchez.jenkins.plugins:kubernetes (Maven) May 24, 2022
westonsteimel
Missing permission checks in Jenkins Azure Key Vault Plugin allow enumerating credentials IDs Moderate
CVE-2020-2313 was published for org.jenkins-ci.plugins:azure-keyvault (Maven) May 24, 2022
NotMyFault
Missing permission checks in Jenkins Ansible Plugin allow enumerating credentials IDs Moderate
CVE-2020-2310 was published for org.jenkins-ci.plugins:ansible (Maven) May 24, 2022
NotMyFault
Missing permission check in Jenkins AWS Global Configuration Plugin allows replacing plugin configuration Moderate
CVE-2020-2311 was published for io.jenkins.plugins:aws-global-configuration (Maven) May 24, 2022
NotMyFault
Missing Authorization in Jenkins Mercurial Plugin Moderate
CVE-2020-2306 was published for org.jenkins-ci.plugins:mercurial (Maven) May 24, 2022
westonsteimel
Missing permission check in Jenkins Active Directory Plugin allows accessing domain health check page Moderate
CVE-2020-2302 was published for org.jenkins-ci.plugins:active-directory (Maven) May 24, 2022
NotMyFault
Missing permission checks in Jenkins Maven Cascade Release Plugin Moderate
CVE-2020-2294 was published for com.barchart.jenkins:maven-release-cascade (Maven) May 24, 2022
NotMyFault
Missing permission check in Jenkins Implied Labels Plugin allows reconfiguring the plugin Moderate
CVE-2020-2282 was published for org.jenkins-ci.plugins:implied-labels (Maven) May 24, 2022
NotMyFault
Missing permission check in Jenkins Liquibase Runner Plugin allows enumerating credentials IDs Moderate
CVE-2020-2285 was published for org.jenkins-ci.plugins:liquibase-runner (Maven) May 24, 2022
NotMyFault
Missing permission checks in Jenkins ElasTest Plugin Moderate
CVE-2020-2272 was published for org.jenkins-ci.plugins:elastest (Maven) May 24, 2022
NotMyFault
Missing permission check in Perfecto Plugin Moderate
CVE-2020-2260 was published for io.jenkins.plugins:perfecto (Maven) May 24, 2022
NotMyFault
Missing permission checks in MongoDB Plugin Moderate
CVE-2020-2267 was published for org.jenkins-ci.plugins:mongodb (Maven) May 24, 2022
NotMyFault
Missing permission check in Blue Ocean Plugin Moderate
CVE-2020-2255 was published for io.jenkins.blueocean:blueocean (Maven) May 24, 2022
NotMyFault
Missing permission checks in Jenkins Database Plugin Moderate
CVE-2020-2242 was published for org.jenkins-ci.plugins:database (Maven) May 24, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database