Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

624 advisories

Loading
Cross-site Scripting in Jenkins Sauce OnDemand Plugin High
CVE-2022-34197 was published for org.jenkins-ci.plugins:sauce-ondemand (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins Dynamic Extended Choice Parameter Plugin High
CVE-2022-34186 was published for com.moded.extendedchoiceparameter:dynamic_extended_choice_parameter (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins Filesystem List Parameter Plugin High
CVE-2022-34187 was published for aendter.jenkins.plugins:filesystem-list-parameter-plugin (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins ontrack Jenkins Plugin High
CVE-2022-34192 was published for org.jenkins-ci.plugins:ontrack (Maven) Jun 24, 2022
NotMyFault
Missing permission check in Jenkins Convertigo Mobile Platform Plugin Moderate
CVE-2022-34201 was published for com.convertigo.jenkins.plugins:convertigo-mobile-platform (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting vulnerability in Jenkins High
CVE-2022-34173 was published for org.jenkins-ci.main:jenkins-core (Maven) Jun 24, 2022
NotMyFault
Agent-to-controller security bypass in Jenkins xUnit Plugin Moderate
CVE-2022-34181 was published for org.jenkins-ci.plugins:xunit (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins Agent Server Parameter Plugin High
CVE-2022-34183 was published for io.jenkins.plugins:agent-server-parameter (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins CRX Content Package Deployer Plugin High
CVE-2022-34184 was published for org.jenkins-ci.plugins:crx-content-package-deployer (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins Date Parameter Plugin High
CVE-2022-34185 was published for me.leejay.jenkins:date-parameter (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins Stash Branch Parameter Plugin High
CVE-2022-34198 was published for org.jenkins-ci.plugins:StashBranchParameter (Maven) Jun 24, 2022
NotMyFault
Cross-site Scripting in Jenkins JUnit Plugin High
CVE-2022-34176 was published for org.jenkins-ci.plugins:junit (Maven) Jun 24, 2022
NotMyFault
Password stored in plain text by Jenkins VMware Lab Manager Slaves Plugin Low
CVE-2020-2319 was published for org.jenkins-ci.plugins:labmanager (Maven) May 24, 2022
NotMyFault
Password stored in plain text by Jenkins AppSpider Plugin Low
CVE-2020-2314 was published for com.rapid7:jenkinsci-appspider-plugin (Maven) May 24, 2022
NotMyFault
Missing permission check in Jenkins Project Inheritance Plugin Moderate
CVE-2020-2198 was published for hudson.plugins:project-inheritance (Maven) May 24, 2022
NotMyFault
RCE vulnerability in Jenkins Azure Container Service Plugin High
CVE-2020-2168 was published for org.jenkins-ci.plugins:azure-acs (Maven) May 24, 2022
NotMyFault
XXE vulnerability in Jenkins RapidDeploy Plugin High
CVE-2020-2171 was published for org.jenkins-ci.plugins:rapiddeploy-jenkins (Maven) May 24, 2022
NotMyFault
RCE vulnerability in Jenkins Pipeline: AWS Steps Plugin High
CVE-2020-2166 was published for de.taimos:pipeline-aws (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Jenkins RapidDeploy Plugin Moderate
CVE-2020-2170 was published for org.jenkins-ci.plugins:rapiddeploy-jenkins (Maven) May 24, 2022
NotMyFault
Passwords stored in plain text by Mail Commander Plugin for Jenkins-ci Plugin Moderate
CVE-2020-2318 was published for org.jenkins-ci.plugins:mailcommander (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Jenkins brakeman Plugin Moderate
CVE-2020-2122 was published for org.jenkins-ci.plugins:brakeman (Maven) May 24, 2022
NotMyFault
Credentials transmitted in plain text by Repository Connector Plugin Low
CVE-2020-2149 was published for org.jenkins-ci.plugins:repository-connector (Maven) May 24, 2022
NotMyFault
RCE vulnerability in Google Kubernetes Engine Plugin High
CVE-2020-2121 was published for org.jenkins-ci.plugins:google-kubernetes-engine (Maven) May 24, 2022
NotMyFault
Credentials transmitted in plain text by OpenShift Deployer Plugin Low
CVE-2020-2155 was published for org.jenkins-ci.plugins:openshift-deployer (Maven) May 24, 2022
NotMyFault
Jenkins Sonar Quality Gates Plugin transmits credentials in plain text during configuration Low
CVE-2020-2150 was published for org.jenkins-ci.plugins:sonar-quality-gates (Maven) May 24, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database