Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

624 advisories

Loading
Stored XSS vulnerability in Jenkins Active Choices Plugin Moderate
CVE-2020-2289 was published for org.biouno:uno-choice (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Arbitrary file read vulnerability in Jenkins Persona Plugin Moderate
CVE-2020-2293 was published for org.jenkins-ci.plugins:persona (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Stored XSS vulnerability in Jenkins Release Plugin Moderate
CVE-2020-2292 was published for org.jenkins-ci.plugins:release (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Stored XSS vulnerability in Jenkins Active Choices Plugin Moderate
CVE-2020-2290 was published for org.biouno:uno-choice (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Incorrect default pattern in Jenkins Audit Trail Plugin Moderate
CVE-2020-2288 was published for org.jenkins-ci.plugins:audit-trail (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Missing permission check in Jenkins Implied Labels Plugin allows reconfiguring the plugin Moderate
CVE-2020-2282 was published for org.jenkins-ci.plugins:implied-labels (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Stored XSS vulnerability in Jenkins Liquibase Runner Plugin Moderate
CVE-2020-2283 was published for org.jenkins-ci.plugins:liquibase-runner (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
CSRF vulnerability in Jenkins warnings Plugin allows remote code execution High
CVE-2020-2280 was published for org.jvnet.hudson.plugins:warnings (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
CSRF vulnerability in Jenkins Lockable Resources Plugin Moderate
CVE-2020-2281 was published for org.6wind.jenkins:lockable-resources (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Sandbox bypass vulnerability in Jenkins Script Security Plugin Critical
CVE-2020-2279 was published for org.jenkins-ci.plugins:script-security (Maven) May 24, 2022
NotMyFault westonsteimel
Credited to NotMyFault and westonsteimel
Missing permission check in Jenkins Liquibase Runner Plugin allows enumerating credentials IDs Moderate
CVE-2020-2285 was published for org.jenkins-ci.plugins:liquibase-runner (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
XXE vulnerability in Jenkins Liquibase Runner Plugin High
CVE-2020-2284 was published for org.jenkins-ci.plugins:liquibase-runner (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Missing permission checks in Jenkins ElasTest Plugin Moderate
CVE-2020-2272 was published for org.jenkins-ci.plugins:elastest (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Arbitrary file write vulnerability in Jenkins Storable Configs Plugin Moderate
CVE-2020-2278 was published for org.jvnet.hudson.plugins:storable-configs-plugin (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Arbitrary file read vulnerability in Jenkins Storable Configs Plugin Moderate
CVE-2020-2277 was published for org.jvnet.hudson.plugins:storable-configs-plugin (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Passwords stored in plain text by ElasTest Plugin Moderate
CVE-2020-2274 was published for org.jenkins-ci.plugins:elastest (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
CSRF vulnerability in Jenkins ElasTest Plugin Moderate
CVE-2020-2273 was published for org.jenkins-ci.plugins:elastest (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
System command execution vulnerability in Selection tasks Jenkins Plugin High
CVE-2020-2276 was published for org.jvnet.hudson.plugins:selection-tasks-plugin (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Arbitrary file read vulnerability in Copy data to workspace Jenkins Plugin Moderate
CVE-2020-2275 was published for org.jvnet.hudson.plugins:copy-data-to-workspace-plugin (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Stored XSS vulnerability in Locked Files Report Plugin High
CVE-2020-2271 was published for org.jvnet.hudson.plugins:locked-files-report (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Missing permission checks in MongoDB Plugin Moderate
CVE-2020-2267 was published for org.jenkins-ci.plugins:mongodb (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Stored XSS vulnerability in Description Column Plugin High
CVE-2020-2266 was published for org.jenkins-ci.plugins:description-column-plugin (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Stored XSS vulnerability in chosen-views-tabbar Plugin High
CVE-2020-2269 was published for org.jenkins-ci.plugins:chosen-views-tabbar (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
OS command execution vulnerability in Perfecto Plugin High
CVE-2020-2261 was published for io.jenkins.plugins:perfecto (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Missing permission check in Perfecto Plugin Moderate
CVE-2020-2260 was published for io.jenkins.plugins:perfecto (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database