GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
335 advisories
CSRF vulnerability in Jenkins P4 Plugin
Moderate · CVE-2020-2141 was published for org.jenkins-ci.plugins:p4 (Maven) · May 24, 2022

Arbitrary file write vulnerability in Jenkins Cobertura Plugin
Moderate · CVE-2020-2139 was published for org.jenkins-ci.plugins:cobertura (Maven) · May 24, 2022

XSS vulnerability in Jenkins Audit Trail Plugin
Moderate · CVE-2020-2140 was published for org.jenkins-ci.plugins:audit-trail (Maven) · May 24, 2022

Jenkins Git Parameter Plugin vulnerable to stored cross-site scripting (XSS)
Moderate · CVE-2020-2113 was published for org.jenkins-ci.tools:git-parameter (Maven) · May 24, 2022

Non-constant time HMAC comparison
Moderate · CVE-2020-2102 was published for org.jenkins-ci.main:jenkins-core (Maven) · May 24, 2022

Non-constant time comparison of inbound TCP agent connection secret
Moderate · CVE-2020-2101 was published for org.jenkins-ci.main:jenkins-core (Maven) · May 24, 2022

CSRF vulnerability in Jenkins Database Plugin
Moderate · CVE-2020-2241 was published for org.jenkins-ci.plugins:database (Maven) · May 24, 2022

CSRF vulnerability in Jenkins Swarm Plugin
Moderate · CVE-2020-2192 was published for org.jenkins-ci.plugins:swarm (Maven) · May 24, 2022

Stored XSS vulnerability in Jenkins Compact Columns Plugin
Moderate · CVE-2020-2195 was published for org.jenkins-ci.plugins:compact-columns (Maven) · May 24, 2022

Stored XSS vulnerability in Jenkins Scriptler Plugin
Moderate · CVE-2021-21700 was published for org.jenkins-ci.plugins:scriptler (Maven) · May 24, 2022

Incorrect default pattern in Jenkins Audit Trail Plugin
Moderate · CVE-2020-2288 was published for org.jenkins-ci.plugins:audit-trail (Maven) · May 24, 2022

CSRF vulnerability in Jenkins Micro Focus Application Automation Tools Plugin
Moderate · CVE-2021-22512 was published for org.jenkins-ci.plugins:hp-application-automation-tools-plugin (Maven) · May 24, 2022

Improper permission checks allow canceling queue items and aborting builds in Jenkins
Moderate · CVE-2021-21670 was published for org.jenkins-ci.main:jenkins-core (Maven) · May 24, 2022

Incorrect permission checks in Jenkins Config File Provider Plugin allow enumerating credentials IDs
Moderate · CVE-2021-21643 was published for org.jenkins-ci.plugins:config-file-provider (Maven) · May 24, 2022

SSL/TLS certificate validation unconditionally disabled by Jenkins Micro Focus Application Automation Tools Plugin
Moderate · CVE-2021-22511 was published for org.jenkins-ci.plugins:hp-application-automation-tools-plugin (Maven) · May 24, 2022

View name validation bypass in Jenkins
Moderate · CVE-2021-21640 was published for org.jenkins-ci.main:jenkins-core (Maven) · May 24, 2022

Passwords stored in plain text by Jenkins Jabber (XMPP) notifier and control Plugin
Moderate · CVE-2021-21634 was published for org.jvnet.hudson.plugins:jabber (Maven) · May 24, 2022

Missing permission checks in Jenkins CloudBees AWS Credentials Plugin allows enumerating credentials IDs
Moderate · CVE-2021-21625 was published for org.jenkins-ci.plugins:aws-credentials (Maven) · May 24, 2022

Incorrect permission check in Health Advisor by CloudBees Plugin
Moderate · CVE-2020-2258 was published for org.jenkins-ci.plugins:cloudbees-jenkins-advisor (Maven) · May 24, 2022

Stored Cross-site Scripting vulnerability in Jenkins Folder-based Authorization Strategy Plugin
Moderate · CVE-2022-27200 was published for io.jenkins.plugins:folder-auth (Maven) · Mar 16, 2022

Arbitrary file read vulnerability in Jenkins Continuous Integration with Toad Edge Plugin
Moderate · CVE-2022-28146 was published for org.jenkins-ci.plugins:ci-with-toad-edge (Maven) · Mar 30, 2022

Missing permission check in Jenkins JiraTestResultReporter Plugin
Moderate · CVE-2022-28137 was published for org.jenkins-ci.plugins:JiraTestResultReporter (Maven) · Mar 30, 2022

Reflected XSS vulnerability in Jenkins Queue cleanup Plugin
Moderate · CVE-2020-2169 was published for org.jenkins-ci.plugins:queue-cleanup (Maven) · May 24, 2022

Missing permission check in Jenkins Blue Ocean Plugin
Moderate · CVE-2022-30954 was published for io.jenkins.blueocean:blueocean-parent (Maven) · May 18, 2022

Missing permission checks in Jenkins P4 Plugin
Moderate · CVE-2020-2142 was published for org.jenkins-ci.plugins:p4 (Maven) · May 24, 2022

ProTip! Advisories are also available from the GraphQL API.