GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
271 advisories
DNS based denial of service in Apache Wicket
High
CVE-2021-23937
was published
for
org.apache.wicket:wicket-core
(Maven)
May 24, 2022
Lack of type validation in agent related REST API in Jenkins
Moderate
CVE-2021-21639
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 24, 2022
Path traversal vulnerability in Jenkins agent names
High
CVE-2021-21605
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 24, 2022
Arbitrary file existence check in file fingerprints in Jenkins
Moderate
CVE-2021-21606
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 24, 2022
Improper Input Validation in Undertow
High
CVE-2020-1757
was published
for
io.undertow:undertow-core
(Maven)
May 24, 2022
RCE vulnerability in Jenkins Azure Container Service Plugin
High
CVE-2020-2168
was published
for
org.jenkins-ci.plugins:azure-acs
(Maven)
May 24, 2022
RCE vulnerability in Jenkins Pipeline: AWS Steps Plugin
High
CVE-2020-2166
was published
for
de.taimos:pipeline-aws
(Maven)
May 24, 2022
RCE vulnerability in Jenkins OpenShift Pipeline Plugin
High
CVE-2020-2167
was published
for
com.openshift.jenkins:openshift-pipeline
(Maven)
May 24, 2022
Denial of service in Apache Struts
Moderate
CVE-2016-3093
was published
for
ognl:ognl
(Maven)
May 17, 2022
Improper Input Validation in Apache ActiveMQ
Moderate
CVE-2015-6524
was published
for
org.apache.activemq:activemq-broker
(Maven)
May 17, 2022
Open redirect in Apache Struts
Moderate
CVE-2013-2248
was published
for
org.apache.struts:struts2-core
(Maven)
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API