Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

335 advisories

Loading
Missing permission checks in Jekins Bitbucket Server Integration Plugin Moderate
CVE-2022-28134 was published for io.jenkins.plugins:atlassian-bitbucket-server-integration (Maven) Mar 30, 2022
NotMyFault
Missing permission check in Jenkins JiraTestResultReporter Plugin Moderate
CVE-2022-28137 was published for org.jenkins-ci.plugins:JiraTestResultReporter (Maven) Mar 30, 2022
NotMyFault
Missing permission check in Jenkins RocketChat Notifier Plugin Moderate
CVE-2022-28139 was published for org.jenkins-ci.plugins:rocketchatnotifier (Maven) Mar 30, 2022
NotMyFault tdunlap607
CSRF vulnerability in Jenkins Job and Node ownership Plugin Moderate
CVE-2022-28152 was published for com.synopsys.jenkinsci:ownership (Maven) Mar 30, 2022
NotMyFault
Missing permission check in Jenkins Job and Node ownership Plugin Moderate
CVE-2022-28151 was published for com.synopsys.jenkinsci:ownership (Maven) Mar 30, 2022
NotMyFault
Path traversal vulnerability on Windows in Jenkins Continuous Integration with Toad Edge Plugin Moderate
CVE-2022-28148 was published for org.jenkins-ci.plugins:ci-with-toad-edge (Maven) Mar 30, 2022
NotMyFault
Missing permission check in Jenkins Continuous Integration with Toad Edge Plugin Moderate
CVE-2022-28147 was published for org.jenkins-ci.plugins:ci-with-toad-edge (Maven) Mar 30, 2022
NotMyFault
Arbitrary file read vulnerability in Jenkins Tests Selector Plugin Moderate
CVE-2022-28160 was published for org.jenkins-ci.plugins:selected-tests-executor (Maven) Mar 30, 2022
NotMyFault
Stored Cross-site Scripting vulnerability in Jenkins Tests Selector Plugin Moderate
CVE-2022-28159 was published for org.jenkins-ci.plugins:selected-tests-executor (Maven) Mar 30, 2022
NotMyFault
Stored Cross-site Scripting vulnerability in Jenkins Favorite Plugin Moderate
CVE-2022-27196 was published for org.jvnet.hudson.plugins:favorite (Maven) Mar 16, 2022
NotMyFault
Stored Cross-site Scripting vulnerability in Jenkins Dashboard View Plugin Moderate
CVE-2022-27197 was published for org.jenkins-ci.plugins:dashboard-view (Maven) Mar 16, 2022
NotMyFault
CSRF vulnerability and missing permission checks in Jenkins Extended Choice Parameter Plugin allow SSRF Moderate
CVE-2022-27204 was published for org.jenkins-ci.plugins:extended-choice-parameter (Maven) Mar 16, 2022
NotMyFault
Arbitrary JSON and property file read vulnerability in Jenkins Extended Choice Parameter Plugin Moderate
CVE-2022-27203 was published for org.jenkins-ci.plugins:extended-choice-parameter (Maven) Mar 16, 2022
NotMyFault
Stored Cross-site Scripting vulnerability in Jenkins Folder-based Authorization Strategy Plugin Moderate
CVE-2022-27200 was published for io.jenkins.plugins:folder-auth (Maven) Mar 16, 2022
NotMyFault
Missing permission checks in Jenkins kubernetes-cd Plugin allow enumerating credentials IDs Moderate
CVE-2022-27209 was published for org.jenkins-ci.plugins:kubernetes-cd (Maven) Mar 16, 2022
NotMyFault
Passwords stored in plain text by Jenkins Vmware vRealize CodeStream Plugin Moderate
CVE-2022-27217 was published for com.vmware.vcac:vmware-vrealize-codestream (Maven) Mar 16, 2022
NotMyFault
CSRF vulnerability in Jenkins Release Helper Plugin Moderate
CVE-2022-27214 was published for org.jenkins-ci.plugins:release-helper (Maven) Mar 16, 2022
NotMyFault
Passwords stored in plain text by Jenkins dbCharts Plugin Moderate
CVE-2022-27216 was published for org.jenkins-ci.plugins:dbCharts (Maven) Mar 16, 2022
NotMyFault
CSRF vulnerability and missing permission checks in Extended Choice Parameter Plugin allow SSRF Moderate
CVE-2022-27205 was published for org.jenkins-ci.plugins:extended-choice-parameter (Maven) Mar 16, 2022
NotMyFault
Stored Cross-site Scripting vulnerability in Jenkins global-build-stats Plugin Moderate
CVE-2022-27207 was published for org.jenkins-ci.plugins:global-build-stats (Maven) Mar 16, 2022
NotMyFault
Stored Cross-site Scripting vulnerability in Jenkins List Git Branches Parameter Plugin Moderate
CVE-2022-27212 was published for org.jenkins-ci.plugins:list-git-branches-parameter (Maven) Mar 16, 2022
NotMyFault
Arbitrary file read vulnerability in Jenkins kubernetes-cd Plugin Moderate
CVE-2022-27208 was published for org.jenkins-ci.plugins:kubernetes-cd (Maven) Mar 16, 2022
NotMyFault
Missing permission checks in Jenkins Release Helper Plugin Moderate
CVE-2022-27215 was published for org.jenkins-ci.plugins:release-helper (Maven) Mar 16, 2022
NotMyFault
Personal tokens stored in plain text by Jenkins incapptic connect uploader Plugin Moderate
CVE-2022-27218 was published for com.incapptic.plugins:incapptic-connect-uploader (Maven) Mar 16, 2022
NotMyFault
Password parameter default values exposed by Jenkins Pipeline: Build Step Plugin Moderate
CVE-2022-25184 was published for org.jenkins-ci.plugins:pipeline-build-step (Maven) Feb 16, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database