Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,044
Maven
5,000+
npm
3,736
NuGet
663
pip
3,414
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

247 advisories

Loading
Jenkins Compuware ISPW Operations Plugin does not perform permission checks in several HTTP endpoints Moderate
CVE-2022-36898 was published for com.compuware.jenkins:compuware-ispw-operations (Maven) Jul 28, 2022
Missing permission check in Jenkins OpenShift Deployer Plugin Moderate
CVE-2022-36907 was published for org.jenkins-ci.plugins:openshift-deployer (Maven) Jul 28, 2022
NotMyFault
Jenkins RQM Plugin allows enumerating credentials IDs due to missing permission check Moderate
CVE-2022-34810 was published for net.praqma:rqm-plugin (Maven) Jul 1, 2022
NotMyFault
Jenkins XPath Configuration Viewer Plugin Missing Authorization vulnerability Moderate
CVE-2022-34813 was published for org.jenkins-ci.plugins:xpath-config-viewer (Maven) Jul 1, 2022
Jenkins Failed Job Deactivator Plugin Missing Authorization vulnerability Moderate
CVE-2022-34818 was published for de.einsundeins.jenkins.plugins.failedjobdeactivator:failedJobDeactivator (Maven) Jul 1, 2022
Missing Authorization in Jenkins XPath Configuration Viewer Plugin Moderate
CVE-2022-34811 was published for org.jenkins-ci.plugins:xpath-config-viewer (Maven) Jul 1, 2022
NotMyFault
Missing permission checks in Jenkins XebiaLabs XL Release Plugin allow capturing credentials Moderate
CVE-2022-34781 was published for com.xebialabs.ci:xlrelease-plugin (Maven) Jul 1, 2022
NotMyFault
Jenkins build-metrics Plugin Missing Authorization vulnerability Moderate
CVE-2022-34785 was published for org.jenkins-ci.plugins:build-metrics (Maven) Jul 1, 2022
Jenkins Deployment Dashboard Plugin has Insufficiently Protected Credentials Moderate
CVE-2022-34796 was published for org.jenkins-ci.plugins:ec2-deployment-dashboard (Maven) Jul 1, 2022
Missing Authorization in Jenkins Deployment Dashboard Plugin Moderate
CVE-2022-34798 was published for org.jenkins-ci.plugins:ec2-deployment-dashboard (Maven) Jul 1, 2022
NotMyFault
Missing permission checks in Jenkins XebiaLabs XL Release Plugin allow enumerating credentials IDs Moderate
CVE-2022-34779 was published for com.xebialabs.ci:xlrelease-plugin (Maven) Jul 1, 2022
NotMyFault
Jenkins Beaker builder Plugin Missing Authorization vulnerability Moderate
CVE-2022-34208 was published for org.jenkins-ci.plugins:beaker-builder (Maven) Jun 24, 2022
Missing permission check in Jenkins ThreadFix Plugin Moderate
CVE-2022-34210 was published for org.jenkins-ci.plugins:threadfix (Maven) Jun 24, 2022
NotMyFault
Missing permission check in Jenkins vRealize Orchestrator Plugin Moderate
CVE-2022-34212 was published for org.jenkins-ci.plugins:vmware-vrealize-orchestrator (Maven) Jun 24, 2022
NotMyFault
Missing permission check in Jenkins Convertigo Mobile Platform Plugin Moderate
CVE-2022-34201 was published for com.convertigo.jenkins.plugins:convertigo-mobile-platform (Maven) Jun 24, 2022
NotMyFault
Improper authorization in Jenkins Embeddable Build Status Plugin bypasses ViewStatus permission requirement Moderate
CVE-2022-34180 was published for org.jenkins-ci.plugins:embeddable-build-status (Maven) Jun 24, 2022
NotMyFault
Jenkins Jianliao Notification Plugin Missing Authorization vulnerability Moderate
CVE-2022-34206 was published for org.jenkins-ci.plugins:jianliao (Maven) Jun 24, 2022
Jenkins EasyQA Plugin Missing Authorization vulnerability Moderate
CVE-2022-34204 was published for com.geteasyqa:easyqa (Maven) Jun 24, 2022
Missing permission check in Jenkins XebiaLabs XL Deploy Plugin allows enumerating credentials IDs Moderate
CVE-2021-21662 was published for com.xebialabs.deployit.ci:deployit-plugin (Maven) May 24, 2022
NotMyFault
Jenkins Artifactory Plugin missing permission check Moderate
CVE-2019-10323 was published for org.jenkins-ci.plugins:artifactory (Maven) May 24, 2022
Jenkins Artifactory Plugin missing permission check Moderate
CVE-2019-10322 was published for org.jenkins-ci.plugins:artifactory (Maven) May 24, 2022
Missing permission check in Jenkins requests-plugin Plugin allows viewing pending requests Moderate
CVE-2021-21674 was published for org.jenkins-ci.plugins:requests (Maven) May 24, 2022
NotMyFault
Missing permission check in Jenkins requests-plugin Plugin allows sending emails Moderate
CVE-2021-21676 was published for org.jenkins-ci.plugins:requests (Maven) May 24, 2022
NotMyFault
Missing permission check in Jenkins XebiaLabs XL Deploy Plugin allows capturing credentials Moderate
CVE-2021-21663 was published for com.xebialabs.deployit.ci:deployit-plugin (Maven) May 24, 2022
NotMyFault
Missing permission checks in Jenkins Config File Provider Plugin allow enumerating configuration file IDs Moderate
CVE-2021-21645 was published for org.jenkins-ci.plugins:config-file-provider (Maven) May 24, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database