Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,743
Erlang
35
GitHub Actions
29
Go
2,315
Maven
5,000+
npm
3,949
NuGet
711
pip
3,729
Pub
12
RubyGems
920
Rust
965
Swift
38
Unreviewed advisories
All unreviewed
5,000+

326 advisories

Loading
Jenkins Deployment Dashboard Plugin has Insufficiently Protected Credentials Moderate
CVE-2022-34796 was published for org.jenkins-ci.plugins:ec2-deployment-dashboard (Maven) Jul 1, 2022
Missing Authorization in Jenkins Deployment Dashboard Plugin Moderate
CVE-2022-34798 was published for org.jenkins-ci.plugins:ec2-deployment-dashboard (Maven) Jul 1, 2022
NotMyFault
Missing Authorization in Jenkins Recipe Plugin High
CVE-2022-34794 was published for org.jenkins-ci.plugins:recipe (Maven) Jul 1, 2022
NotMyFault
Missing permission checks in Jenkins XebiaLabs XL Release Plugin allow enumerating credentials IDs Moderate
CVE-2022-34779 was published for com.xebialabs.ci:xlrelease-plugin (Maven) Jul 1, 2022
NotMyFault
Missing permission check in Jenkins ThreadFix Plugin Moderate
CVE-2022-34210 was published for org.jenkins-ci.plugins:threadfix (Maven) Jun 24, 2022
NotMyFault
Missing permission check in Jenkins vRealize Orchestrator Plugin Moderate
CVE-2022-34212 was published for org.jenkins-ci.plugins:vmware-vrealize-orchestrator (Maven) Jun 24, 2022
NotMyFault
Jenkins Beaker builder Plugin Missing Authorization vulnerability Moderate
CVE-2022-34208 was published for org.jenkins-ci.plugins:beaker-builder (Maven) Jun 24, 2022
Missing permission check in Jenkins Convertigo Mobile Platform Plugin Moderate
CVE-2022-34201 was published for com.convertigo.jenkins.plugins:convertigo-mobile-platform (Maven) Jun 24, 2022
NotMyFault
Jenkins EasyQA Plugin Missing Authorization vulnerability Moderate
CVE-2022-34204 was published for com.geteasyqa:easyqa (Maven) Jun 24, 2022
Jenkins Jianliao Notification Plugin Missing Authorization vulnerability Moderate
CVE-2022-34206 was published for org.jenkins-ci.plugins:jianliao (Maven) Jun 24, 2022
Improper authorization in Jenkins Embeddable Build Status Plugin bypasses ViewStatus permission requirement Moderate
CVE-2022-34180 was published for org.jenkins-ci.plugins:embeddable-build-status (Maven) Jun 24, 2022
NotMyFault
Missing permission check in Jenkins XebiaLabs XL Deploy Plugin allows enumerating credentials IDs Moderate
CVE-2021-21662 was published for com.xebialabs.deployit.ci:deployit-plugin (Maven) May 24, 2022
NotMyFault
Pebble Templates Improper Input Validation vulnerability Critical
CVE-2019-19899 was published for io.pebbletemplates:pebble-project (Maven) May 24, 2022
Improper handling of untrusted branches in Gitea Jenkins Plugin High
CVE-2019-10330 was published for org.jenkins-ci.plugins:gitea (Maven) May 24, 2022
westonsteimel
Jenkins Artifactory Plugin missing permission check Moderate
CVE-2019-10322 was published for org.jenkins-ci.plugins:artifactory (Maven) May 24, 2022
Jenkins Artifactory Plugin missing permission check Moderate
CVE-2019-10323 was published for org.jenkins-ci.plugins:artifactory (Maven) May 24, 2022
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins Critical
CVE-2021-21685 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault westonsteimel
sunSUNQ
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins Critical
CVE-2021-21694 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins Critical
CVE-2021-21687 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins Critical
CVE-2021-21688 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins Critical
CVE-2021-21689 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins Critical
CVE-2021-21695 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Missing permission check in Jenkins requests-plugin Plugin allows viewing pending requests Moderate
CVE-2021-21674 was published for org.jenkins-ci.plugins:requests (Maven) May 24, 2022
NotMyFault
Missing permission check in Jenkins requests-plugin Plugin allows sending emails Moderate
CVE-2021-21676 was published for org.jenkins-ci.plugins:requests (Maven) May 24, 2022
NotMyFault
Missing permission check in Jenkins XebiaLabs XL Deploy Plugin allows capturing credentials Moderate
CVE-2021-21663 was published for com.xebialabs.deployit.ci:deployit-plugin (Maven) May 24, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database