GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
300 advisories
Filter by severity
Missing Authorization in Jenkins XPath Configuration Viewer Plugin
Moderate
CVE-2022-34811
was published
for
org.jenkins-ci.plugins:xpath-config-viewer
(Maven)
Jul 1, 2022
Missing permission checks in Jenkins XebiaLabs XL Release Plugin allow capturing credentials
Moderate
CVE-2022-34781
was published
for
com.xebialabs.ci:xlrelease-plugin
(Maven)
Jul 1, 2022
Jenkins build-metrics Plugin Missing Authorization vulnerability
Moderate
CVE-2022-34785
was published
for
org.jenkins-ci.plugins:build-metrics
(Maven)
Jul 1, 2022
Jenkins Deployment Dashboard Plugin has Insufficiently Protected Credentials
Moderate
CVE-2022-34796
was published
for
org.jenkins-ci.plugins:ec2-deployment-dashboard
(Maven)
Jul 1, 2022
Missing permission checks in Jenkins XebiaLabs XL Release Plugin allow enumerating credentials IDs
Moderate
CVE-2022-34779
was published
for
com.xebialabs.ci:xlrelease-plugin
(Maven)
Jul 1, 2022
Missing Authorization in Jenkins Deployment Dashboard Plugin
Moderate
CVE-2022-34798
was published
for
org.jenkins-ci.plugins:ec2-deployment-dashboard
(Maven)
Jul 1, 2022
Missing permission check in Jenkins vRealize Orchestrator Plugin
Moderate
CVE-2022-34212
was published
for
org.jenkins-ci.plugins:vmware-vrealize-orchestrator
(Maven)
Jun 24, 2022
Missing permission check in Jenkins ThreadFix Plugin
Moderate
CVE-2022-34210
was published
for
org.jenkins-ci.plugins:threadfix
(Maven)
Jun 24, 2022
Jenkins Beaker builder Plugin Missing Authorization vulnerability
Moderate
CVE-2022-34208
was published
for
org.jenkins-ci.plugins:beaker-builder
(Maven)
Jun 24, 2022
Missing permission check in Jenkins Convertigo Mobile Platform Plugin
Moderate
CVE-2022-34201
was published
for
com.convertigo.jenkins.plugins:convertigo-mobile-platform
(Maven)
Jun 24, 2022
Jenkins Jianliao Notification Plugin Missing Authorization vulnerability
Moderate
CVE-2022-34206
was published
for
org.jenkins-ci.plugins:jianliao
(Maven)
Jun 24, 2022
Jenkins EasyQA Plugin Missing Authorization vulnerability
Moderate
CVE-2022-34204
was published
for
com.geteasyqa:easyqa
(Maven)
Jun 24, 2022
Improper authorization in Jenkins Embeddable Build Status Plugin bypasses ViewStatus permission requirement
Moderate
CVE-2022-34180
was published
for
org.jenkins-ci.plugins:embeddable-build-status
(Maven)
Jun 24, 2022
Missing permission check in Jenkins XebiaLabs XL Deploy Plugin allows enumerating credentials IDs
Moderate
CVE-2021-21662
was published
for
com.xebialabs.deployit.ci:deployit-plugin
(Maven)
May 24, 2022
Jenkins Artifactory Plugin missing permission check
Moderate
CVE-2019-10323
was published
for
org.jenkins-ci.plugins:artifactory
(Maven)
May 24, 2022
Jenkins Artifactory Plugin missing permission check
Moderate
CVE-2019-10322
was published
for
org.jenkins-ci.plugins:artifactory
(Maven)
May 24, 2022
Missing permission check in Jenkins requests-plugin Plugin allows viewing pending requests
Moderate
CVE-2021-21674
was published
for
org.jenkins-ci.plugins:requests
(Maven)
May 24, 2022
Missing permission check in Jenkins requests-plugin Plugin allows sending emails
Moderate
CVE-2021-21676
was published
for
org.jenkins-ci.plugins:requests
(Maven)
May 24, 2022
Missing permission check in Jenkins XebiaLabs XL Deploy Plugin allows capturing credentials
Moderate
CVE-2021-21663
was published
for
com.xebialabs.deployit.ci:deployit-plugin
(Maven)
May 24, 2022
Missing permission check in Jenkins CloudBees CD Plugin allows scheduling builds
Moderate
CVE-2021-21647
was published
for
org.jenkins-ci.plugins:electricflow
(Maven)
May 24, 2022
Missing permission checks in Jenkins Config File Provider Plugin allow enumerating configuration file IDs
Moderate
CVE-2021-21645
was published
for
org.jenkins-ci.plugins:config-file-provider
(Maven)
May 24, 2022
Missing permission checks in Micro Focus Application Automation Tools Plugin
Moderate
CVE-2021-22513
was published
for
org.jenkins-ci.plugins:hp-application-automation-tools-plugin
(Maven)
May 24, 2022
Missing permission checks in Jenkins OWASP Dependency-Track Plugin allow capturing credentials
Moderate
CVE-2021-21632
was published
for
org.jenkins-ci.plugins:dependency-track
(Maven)
May 24, 2022
Missing permission check in Jenkins Team Foundation Server Plugin allows enumerating credentials IDs
Moderate
CVE-2021-21636
was published
for
org.jenkins-ci.plugins:tfs
(Maven)
May 24, 2022
Missing permission check in Jenkins Team Foundation Server Plugin allow capturing credentials
Moderate
CVE-2021-21637
was published
for
org.jenkins-ci.plugins:tfs
(Maven)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API