Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,044
Maven
5,000+
npm
3,736
NuGet
663
pip
3,414
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

247 advisories

Loading
Jenkins Multijob plugin did not check permissions in the Resume Build action Moderate
CVE-2017-1000390 was published for org.jenkins-ci.plugins:jenkins-multijob-plugin (Maven) May 13, 2022
Missing Authorization in Jenkins Blue Ocean Plugin Moderate
CVE-2017-1000105 was published for io.jenkins.blueocean:blueocean (Maven) May 13, 2022
Missing permission check in Jenkins FTP publisher Plugin Moderate
CVE-2019-1003059 was published for org.jvnet.hudson.plugins:ftppublisher (Maven) May 13, 2022
Missing permission check in Jenkins Audit to Database Plugin Moderate
CVE-2019-1003077 was published for org.jenkins-ci.plugins:audit2db (Maven) May 13, 2022
Jenkins Cloud Foundry Plugin vulnerable to exposure of sensitive information Moderate
CVE-2019-1003025 was published for org.jenkins-ci.plugins:cloudfoundry (Maven) May 13, 2022
Jenkins Slack Notification Plugin missing permission check Moderate
CVE-2019-1003043 was published for org.jenkins-ci.plugins:slack (Maven) May 13, 2022
SSRF vulnerability due to missing permission check in Fortify on Demand Uploader Plugin Moderate
CVE-2019-1003047 was published for org.jenkins-ci.plugins:fortify-on-demand-uploader (Maven) May 13, 2022
Missing permission check in Azure VM Agents Plugin allowed modifying VM configuration Moderate
CVE-2019-1003036 was published for org.jenkins-ci.plugins:azure-vm-agents (Maven) May 13, 2022
Information disclosure in Azure VM Agents Plugin Moderate
CVE-2019-1003035 was published for org.jenkins-ci.plugins:azure-vm-agents (Maven) May 13, 2022
Unprivileged users with Overall/Read access are able to enumerate credential IDs in Azure VM Agents Plugin Moderate
CVE-2019-1003037 was published for org.jenkins-ci.plugins:azure-vm-agents (Maven) May 13, 2022
Missing permission check in Jenkins Kmap Plugin allow SSRF Moderate
CVE-2019-10293 was published for org.jenkins-ci.plugins:kmap-jenkins (Maven) May 13, 2022
Missing permission check in Jenkins jenkins-reviewbot Plugin Moderate
CVE-2019-10279 was published for org.jenkins-ci.plugins:jenkins-reviewbot (Maven) May 13, 2022
Missing permission check in Jenkins Netsparker Cloud Scan Plugin Moderate
CVE-2019-10290 was published for org.jenkins-ci.plugins:netsparker-cloud-scan (Maven) May 13, 2022
Missing permission checks in Jenkins Publish Over FTP Plugin Moderate
CVE-2022-29051 was published for org.jenkins-ci.plugins:publish-over-ftp (Maven) Apr 13, 2022
westonsteimel
Missing permission checks in Jekins Bitbucket Server Integration Plugin Moderate
CVE-2022-28134 was published for io.jenkins.plugins:atlassian-bitbucket-server-integration (Maven) Mar 30, 2022
NotMyFault
Missing permission check in Jenkins JiraTestResultReporter Plugin Moderate
CVE-2022-28137 was published for org.jenkins-ci.plugins:JiraTestResultReporter (Maven) Mar 30, 2022
NotMyFault
Missing permission check in Jenkins RocketChat Notifier Plugin Moderate
CVE-2022-28139 was published for org.jenkins-ci.plugins:rocketchatnotifier (Maven) Mar 30, 2022
NotMyFault tdunlap607
Missing permission checks in Jenkins Proxmox Plugin Moderate
CVE-2022-28144 was published for org.jenkins-ci.plugins:proxmox (Maven) Mar 30, 2022
Missing permission check in Jenkins Continuous Integration with Toad Edge Plugin Moderate
CVE-2022-28147 was published for org.jenkins-ci.plugins:ci-with-toad-edge (Maven) Mar 30, 2022
NotMyFault
Missing permission check in Jenkins Job and Node ownership Plugin Moderate
CVE-2022-28151 was published for com.synopsys.jenkinsci:ownership (Maven) Mar 30, 2022
NotMyFault
Missing permission Jenkins Pipeline Phoenix AutoTest Plugin Moderate
CVE-2022-28158 was published for com.surenpi.jenkins:phoenix-autotest (Maven) Mar 30, 2022
Missing permission checks in AWS Credentials Plugin Moderate
CVE-2022-27199 was published for org.jenkins-ci.plugins:aws-credentials (Maven) Mar 16, 2022
Missing permission checks in Jenkins kubernetes-cd Plugin allow enumerating credentials IDs Moderate
CVE-2022-27209 was published for org.jenkins-ci.plugins:kubernetes-cd (Maven) Mar 16, 2022
NotMyFault
CSRF vulnerability and missing permission checks in Extended Choice Parameter Plugin allow SSRF Moderate
CVE-2022-27205 was published for org.jenkins-ci.plugins:extended-choice-parameter (Maven) Mar 16, 2022
NotMyFault
Missing permission checks in Jenkins Release Helper Plugin Moderate
CVE-2022-27215 was published for org.jenkins-ci.plugins:release-helper (Maven) Mar 16, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database