Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

335 advisories

Loading
Stored Cross-site Scripting vulnerability in Jenkins Favorite Plugin Moderate
CVE-2022-27196 was published for org.jvnet.hudson.plugins:favorite (Maven) Mar 16, 2022
NotMyFault
Stored Cross-site Scripting vulnerability in Jenkins Tests Selector Plugin Moderate
CVE-2022-28159 was published for org.jenkins-ci.plugins:selected-tests-executor (Maven) Mar 30, 2022
NotMyFault
Arbitrary file read vulnerability in Jenkins Tests Selector Plugin Moderate
CVE-2022-28160 was published for org.jenkins-ci.plugins:selected-tests-executor (Maven) Mar 30, 2022
NotMyFault
Missing permission check in Jenkins Continuous Integration with Toad Edge Plugin Moderate
CVE-2022-28147 was published for org.jenkins-ci.plugins:ci-with-toad-edge (Maven) Mar 30, 2022
NotMyFault
Path traversal vulnerability on Windows in Jenkins Continuous Integration with Toad Edge Plugin Moderate
CVE-2022-28148 was published for org.jenkins-ci.plugins:ci-with-toad-edge (Maven) Mar 30, 2022
NotMyFault
CSRF vulnerability in Jenkins Job and Node ownership Plugin Moderate
CVE-2022-28152 was published for com.synopsys.jenkinsci:ownership (Maven) Mar 30, 2022
NotMyFault
Missing permission check in Jenkins Job and Node ownership Plugin Moderate
CVE-2022-28151 was published for com.synopsys.jenkinsci:ownership (Maven) Mar 30, 2022
NotMyFault
Plaintext storage in Jenkins instant-messaging Plugin Moderate
CVE-2022-28135 was published for org.jvnet.hudson.plugins:instant-messaging (Maven) Mar 30, 2022
NotMyFault
Missing permission check in Jenkins RocketChat Notifier Plugin Moderate
CVE-2022-28139 was published for org.jenkins-ci.plugins:rocketchatnotifier (Maven) Mar 30, 2022
NotMyFault tdunlap607
CSRF vulnerability in Jenkins RocketChat Notifier Plugin Moderate
CVE-2022-28138 was published for org.jenkins-ci.plugins:rocketchatnotifier (Maven) Mar 30, 2022
NotMyFault
Missing permission check in Jenkins JiraTestResultReporter Plugin Moderate
CVE-2022-28137 was published for org.jenkins-ci.plugins:JiraTestResultReporter (Maven) Mar 30, 2022
NotMyFault
Missing permission checks in Jekins Bitbucket Server Integration Plugin Moderate
CVE-2022-28134 was published for io.jenkins.plugins:atlassian-bitbucket-server-integration (Maven) Mar 30, 2022
NotMyFault
Stored XSS vulnerability in Jenkins Bitbucket Server Integration Plugin Moderate
CVE-2022-28133 was published for io.jenkins.plugins:atlassian-bitbucket-server-integration (Maven) Mar 30, 2022
NotMyFault
Arbitrary file read vulnerability in Jenkins Continuous Integration with Toad Edge Plugin Moderate
CVE-2022-28146 was published for org.jenkins-ci.plugins:ci-with-toad-edge (Maven) Mar 30, 2022
NotMyFault
SSL/TLS certificate validation globally disabled by Jenkins Proxmox Plugin Moderate
CVE-2022-28142 was published for org.jenkins-ci.plugins:proxmox (Maven) Mar 30, 2022
NotMyFault
Private key stored in plain text by Jenkins Google Compute Engine Plugin Moderate
CVE-2022-29052 was published for org.jenkins-ci.plugins:google-compute-engine (Maven) Apr 13, 2022
NotMyFault
Stored Cross-site Scripting in Jenkins Node and Label parameter Plugin Moderate
CVE-2022-29044 was published for org.jenkins-ci.plugins:nodelabelparameter (Maven) Apr 13, 2022
NotMyFault
CSRF vulnerability in Jenkins Subversion Plugin Moderate
CVE-2022-29048 was published for org.jenkins-ci.plugins:subversion (Maven) Apr 13, 2022
NotMyFault
Stored Cross-site Scripting vulnerability in Jenkins Jira Plugin Moderate
CVE-2022-29041 was published for org.jenkins-ci.plugins:jira (Maven) Apr 13, 2022
NotMyFault
Stored Cross-site Scripting vulnerability in Jenkins Job Generator Plugin Moderate
CVE-2022-29042 was published for org.jenkins-ci.plugins:jobgenerator (Maven) Apr 13, 2022
NotMyFault
Stored Cross-site Scripting in Jenkins Mask Passwords Plugin Moderate
CVE-2022-29043 was published for org.jenkins-ci.plugins:mask-passwords (Maven) Apr 13, 2022
NotMyFault
Stored Cross-site Scripting vulnerability in Jenkins Subversion Plugin Moderate
CVE-2022-29046 was published for org.jenkins-ci.plugins:subversion (Maven) Apr 13, 2022
NotMyFault
Stored Cross-site Scripting vulnerabilities in Jenkins Extended Choice Parameter Plugin Moderate
CVE-2022-29038 was published for org.jenkins-ci.plugins:extended-choice-parameter (Maven) Apr 13, 2022
NotMyFault
CSRF vulnerability in Jenkins Script Security Plugin Moderate
CVE-2022-30946 was published for org.jenkins-ci.plugins:script-security (Maven) May 18, 2022
NotMyFault
Buffer overflow in Jenkins WMI Windows Agents plugin Moderate
CVE-2022-30950 was published for org.jenkins-ci.plugins:windows-slaves (Maven) May 18, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database