Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,340
Erlang
31
GitHub Actions
22
Go
2,101
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
885
Swift
37
Unreviewed advisories
All unreviewed
5,000+

426 advisories

Loading
Missing permission check in Jenkins Avatar Plugin Moderate
CVE-2019-10377 was published for net.hurstfrost.jenkins:avatar (Maven) May 24, 2022
Moodle Ability to delete glossary entries that belong to another glossary Moderate
CVE-2019-10187 was published for moodle/moodle (Composer) May 24, 2022
Missing Authorization in Jenkins Pipeline: Shared Groovy Libraries Plugin Moderate
CVE-2019-10357 was published for org.jenkins-ci.plugins.workflow:workflow-cps-global-lib (Maven) May 24, 2022
dbolkensteyn
Missing Authorization in Jenkins Configuration as Code Plugin Moderate
CVE-2019-10344 was published for io.jenkins:configuration-as-code (Maven) May 24, 2022
Missing Authorization in Jenkins Moderate
CVE-2019-10354 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
Missing permission check in Jenkins Docker Plugin Moderate
CVE-2019-10342 was published for io.jenkins.docker:docker-plugin (Maven) May 24, 2022
Missing permission check in Jenkins Docker Plugin Moderate
CVE-2019-10341 was published for io.jenkins.docker:docker-plugin (Maven) May 24, 2022
Jenkins JX Resources Plugin missing permission check Moderate
CVE-2019-10339 was published for org.jenkins-ci.plugins:jx-resources (Maven) May 24, 2022
Jenkins ElectricFlow Plugin Missing permission checks Moderate
CVE-2019-10333 was published for org.jenkins-ci.plugins:electricflow (Maven) May 24, 2022
Jenkins ElectricFlow Plugin missing permission check Moderate
CVE-2019-10332 was published for org.jenkins-ci.plugins:electricflow (Maven) May 24, 2022
Missing permission check in Jenkins PAM Authentication Plugin Moderate
CVE-2019-10319 was published for org.jenkins-ci.plugins:pam-auth (Maven) May 24, 2022
Jenkins Ansible Tower Plugin missing permission check High
CVE-2019-10311 was published for org.jenkins-ci.plugins:ansible-tower (Maven) May 24, 2022
Missing permission check in Jenkins Ansible Tower Plugin Moderate
CVE-2019-10312 was published for org.jenkins-ci.plugins:ansible-tower (Maven) May 24, 2022
Missing permission check in Jenkins Static Analysis Utilities Plugin Moderate
CVE-2019-10308 was published for org.jvnet.hudson.plugins:analysis-core (Maven) May 24, 2022
Missing permission check in Jenkins XebiaLabs XL Deploy Plugin Moderate
CVE-2019-10305 was published for com.xebialabs.deployit.ci:deployit-plugin (Maven) May 24, 2022
Jenkins GitLab Plugin missing permission checks High
CVE-2019-10301 was published for org.jenkins-ci.plugins:gitlab-plugin (Maven) May 24, 2022
Regular expression denial of service in Apache ShenYu High
CVE-2022-26650 was published for org.apache.shenyu:shenyu (Maven) May 18, 2022
Missing permission check in Jenkins Blue Ocean Plugin Moderate
CVE-2022-30954 was published for io.jenkins.blueocean:blueocean-parent (Maven) May 18, 2022
NotMyFault
Missing permission check in Jenkins GitLab Plugin Moderate
CVE-2022-30955 was published for org.jenkins-ci.plugins:gitlab-plugin (Maven) May 18, 2022
NotMyFault
Missing Authorization in Jenkins SSH plugin High
CVE-2022-30959 was published for org.jenkins-ci.plugins:ssh (Maven) May 18, 2022
NotMyFault
Missing Authorization in Jenkins WMI Windows Agents plugin Moderate
CVE-2022-30951 was published for org.jenkins-ci.plugins:windows-slaves (Maven) May 18, 2022
NotMyFault
Missing permission check in Jenkins SSH Plugin Moderate
CVE-2022-30957 was published for org.jenkins-ci.plugins:ssh (Maven) May 18, 2022
MoinMoin improper access control on the included page for the rst parser Moderate
CVE-2008-6548 was published for moin (pip) May 17, 2022
Apache Sentry may allow attacker to access/remove data from Sentry protected table High
CVE-2018-8028 was published for org.apache.sentry:sentry (Maven) May 13, 2022
Jenkins openid Plugin missing permission check Moderate
CVE-2019-1003099 was published for org.jenkins-ci.plugins:openid (Maven) May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database