Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

210 advisories

Loading
Stored XSS vulnerability in android-lint Plugin High
CVE-2020-2262 was published for org.jvnet.hudson.plugins:android-lint (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Pipeline Maven Integration Plugin via unescaped display name High
CVE-2020-2256 was published for org.jenkins-ci.plugins:pipeline-maven (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Locked Files Report Plugin High
CVE-2020-2271 was published for org.jvnet.hudson.plugins:locked-files-report (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Custom Job Icon Plugin High
CVE-2020-2264 was published for org.jenkins-ci.plugins:custom-job-icon (Maven) May 24, 2022
NotMyFault
OS command execution vulnerability in Perfecto Plugin High
CVE-2020-2261 was published for io.jenkins.plugins:perfecto (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Coverage/Complexity Scatter Plot Plugin High
CVE-2020-2265 was published for org.jenkins-ci.plugins:covcomplplot (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in ClearCase Release Plugin High
CVE-2020-2270 was published for org.jvnet.hudson.plugins:clearcase-release (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in chosen-views-tabbar Plugin High
CVE-2020-2269 was published for org.jenkins-ci.plugins:chosen-views-tabbar (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Description Column Plugin High
CVE-2020-2266 was published for org.jenkins-ci.plugins:description-column-plugin (Maven) May 24, 2022
NotMyFault
System command execution vulnerability in Selection tasks Jenkins Plugin High
CVE-2020-2276 was published for org.jvnet.hudson.plugins:selection-tasks-plugin (Maven) May 24, 2022
NotMyFault
XXE vulnerability in Jenkins Liquibase Runner Plugin High
CVE-2020-2284 was published for org.jenkins-ci.plugins:liquibase-runner (Maven) May 24, 2022
NotMyFault
CSRF vulnerability in Jenkins warnings Plugin allows remote code execution High
CVE-2020-2280 was published for org.jvnet.hudson.plugins:warnings (Maven) May 24, 2022
NotMyFault
Improper authorization due to caching in Jenkins Role-based Authorization Strategy Plugin High
CVE-2020-2286 was published for org.jenkins-ci.plugins:role-strategy (Maven) May 24, 2022
NotMyFault
CSRF vulnerability in Jenkins Shelve Project Plugin High
CVE-2020-2321 was published for org.jenkins-ci.plugins:shelve-project-plugin (Maven) May 24, 2022
NotMyFault
Missing permission checks in Jenkins Chaos Monkey Plugin High
CVE-2020-2322 was published for io.jenkins.plugins:chaos-monkey (Maven) May 24, 2022
NotMyFault
XXE vulnerability in Jenkins CVS Plugin High
CVE-2020-2324 was published for org.jenkins-ci.plugins:cvs (Maven) May 24, 2022
NotMyFault
Improper handling of REST API XML deserialization errors in Jenkins High
CVE-2021-21604 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Path traversal vulnerability in Jenkins agent names High
CVE-2021-21605 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
CSRF vulnerability in Jenkins Configuration Slicing Plugin High
CVE-2021-21617 was published for org.jenkins-ci.plugins:configurationslicing (Maven) May 24, 2022
NotMyFault
CSRF vulnerability in Jenkins Libvirt Agents Plugin High
CVE-2021-21627 was published for org.jenkins-ci.plugins:libvirt-slave (Maven) May 24, 2022
NotMyFault
CSRF vulnerability in Jenkins Build With Parameters Plugin High
CVE-2021-21629 was published for org.jenkins-ci.plugins:build-with-parameters (Maven) May 24, 2022
NotMyFault
CSRF vulnerability and in Jenkins OWASP Dependency-Track Plugin allow capturing credentials High
CVE-2021-21633 was published for org.jenkins-ci.plugins:dependency-track (Maven) May 24, 2022
NotMyFault
CSRF vulnerability in Jenkins Team Foundation Server Plugin allow capturing credentials High
CVE-2021-21638 was published for org.jenkins-ci.plugins:tfs (Maven) May 24, 2022
NotMyFault
Reflected XSS vulnerability in Jenkins Micro Focus Application Automation Tools Plugin High
CVE-2021-22510 was published for org.jenkins-ci.plugins:hp-application-automation-tools-plugin (Maven) May 24, 2022
NotMyFault
XML External Entity Reference vulnerability in Jenkins Config File Provider Plugin High
CVE-2021-21642 was published for org.jenkins-ci.plugins:config-file-provider (Maven) May 24, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database