Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,743
Erlang
35
GitHub Actions
29
Go
2,315
Maven
5,000+
npm
3,949
NuGet
711
pip
3,729
Pub
12
RubyGems
920
Rust
965
Swift
38
Unreviewed advisories
All unreviewed
5,000+

326 advisories

Loading
Missing permission check in Jenkins CloudBees CD Plugin allows scheduling builds Moderate
CVE-2021-21647 was published for org.jenkins-ci.plugins:electricflow (Maven) May 24, 2022
NotMyFault westonsteimel
Missing permission checks in Jenkins Config File Provider Plugin allow enumerating configuration file IDs Moderate
CVE-2021-21645 was published for org.jenkins-ci.plugins:config-file-provider (Maven) May 24, 2022
NotMyFault
Missing permission checks in Micro Focus Application Automation Tools Plugin Moderate
CVE-2021-22513 was published for org.jenkins-ci.plugins:hp-application-automation-tools-plugin (Maven) May 24, 2022
NotMyFault
Missing permission check in Jenkins Team Foundation Server Plugin allows enumerating credentials IDs Moderate
CVE-2021-21636 was published for org.jenkins-ci.plugins:tfs (Maven) May 24, 2022
NotMyFault
Missing permission check in Jenkins Team Foundation Server Plugin allow capturing credentials Moderate
CVE-2021-21637 was published for org.jenkins-ci.plugins:tfs (Maven) May 24, 2022
NotMyFault
Missing permission checks in Jenkins OWASP Dependency-Track Plugin allow capturing credentials Moderate
CVE-2021-21632 was published for org.jenkins-ci.plugins:dependency-track (Maven) May 24, 2022
NotMyFault
Missing permission check in Jenkins Cloud Statistics Plugin Moderate
CVE-2021-21631 was published for org.jenkins-ci.plugins:cloud-stats (Maven) May 24, 2022
NotMyFault
Missing permission checks in Jenkins Warnings Next Generation Plugin allow listing workspace contents Moderate
CVE-2021-21626 was published for io.jenkins.plugins:warnings-ng (Maven) May 24, 2022
NotMyFault
Missing permission checks in Jenkins CloudBees AWS Credentials Plugin allows enumerating credentials IDs Moderate
CVE-2021-21625 was published for org.jenkins-ci.plugins:aws-credentials (Maven) May 24, 2022
NotMyFault
Missing permission checks in Jenkins Chaos Monkey Plugin High
CVE-2020-2322 was published for io.jenkins.plugins:chaos-monkey (Maven) May 24, 2022
NotMyFault anonymous-nlp-student
Missing permission checks in Jenkins Chaos Monkey Plugin Moderate
CVE-2020-2323 was published for io.jenkins.plugins:chaos-monkey (Maven) May 24, 2022
NotMyFault
Missing Authorization in Crafter CMS Moderate
CVE-2017-15680 was published for org.craftercms:crafter-core (Maven) May 24, 2022
Missing authorization in Jenkins Kubernetes Plugin Moderate
CVE-2020-2309 was published for org.csanchez.jenkins.plugins:kubernetes (Maven) May 24, 2022
westonsteimel
Missing Authorization in Jenkins Kubernetes Plugin Moderate
CVE-2020-2308 was published for org.csanchez.jenkins.plugins:kubernetes (Maven) May 24, 2022
westonsteimel
Missing permission checks in Jenkins Ansible Plugin allow enumerating credentials IDs Moderate
CVE-2020-2310 was published for org.jenkins-ci.plugins:ansible (Maven) May 24, 2022
NotMyFault
Missing permission check in Jenkins AWS Global Configuration Plugin allows replacing plugin configuration Moderate
CVE-2020-2311 was published for io.jenkins.plugins:aws-global-configuration (Maven) May 24, 2022
NotMyFault
Missing permission checks in Jenkins Azure Key Vault Plugin allow enumerating credentials IDs Moderate
CVE-2020-2313 was published for org.jenkins-ci.plugins:azure-keyvault (Maven) May 24, 2022
NotMyFault
Missing Authorization in Jenkins Mercurial Plugin Moderate
CVE-2020-2306 was published for org.jenkins-ci.plugins:mercurial (Maven) May 24, 2022
westonsteimel
Missing permission check in Jenkins Active Directory Plugin allows accessing domain health check page Moderate
CVE-2020-2302 was published for org.jenkins-ci.plugins:active-directory (Maven) May 24, 2022
NotMyFault
Missing permission checks in Jenkins Maven Cascade Release Plugin Moderate
CVE-2020-2294 was published for com.barchart.jenkins:maven-release-cascade (Maven) May 24, 2022
NotMyFault
Missing permission check in Jenkins Implied Labels Plugin allows reconfiguring the plugin Moderate
CVE-2020-2282 was published for org.jenkins-ci.plugins:implied-labels (Maven) May 24, 2022
NotMyFault
Missing permission check in Jenkins Liquibase Runner Plugin allows enumerating credentials IDs Moderate
CVE-2020-2285 was published for org.jenkins-ci.plugins:liquibase-runner (Maven) May 24, 2022
NotMyFault
Missing permission checks in Jenkins ElasTest Plugin Moderate
CVE-2020-2272 was published for org.jenkins-ci.plugins:elastest (Maven) May 24, 2022
NotMyFault
Missing permission check in Perfecto Plugin Moderate
CVE-2020-2260 was published for io.jenkins.plugins:perfecto (Maven) May 24, 2022
NotMyFault
Missing permission checks in MongoDB Plugin Moderate
CVE-2020-2267 was published for org.jenkins-ci.plugins:mongodb (Maven) May 24, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database