Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

624 advisories

Loading
Stored XSS vulnerability in ClearCase Release Plugin High
CVE-2020-2270 was published for org.jvnet.hudson.plugins:clearcase-release (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Stored XSS vulnerability in Coverage/Complexity Scatter Plot Plugin High
CVE-2020-2265 was published for org.jenkins-ci.plugins:covcomplplot (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Stored XSS vulnerability in Custom Job Icon Plugin High
CVE-2020-2264 was published for org.jenkins-ci.plugins:custom-job-icon (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
CSRF vulnerability in MongoDB Plugin Moderate
CVE-2020-2268 was published for org.jenkins-ci.plugins:mongodb (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Stored XSS vulnerability in Pipeline Maven Integration Plugin via unescaped display name High
CVE-2020-2256 was published for org.jenkins-ci.plugins:pipeline-maven (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Missing permission check in Blue Ocean Plugin Moderate
CVE-2020-2255 was published for io.jenkins.blueocean:blueocean (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Stored XSS vulnerability in android-lint Plugin High
CVE-2020-2262 was published for org.jvnet.hudson.plugins:android-lint (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Stored XSS vulnerability in Radiator View Plugin High
CVE-2020-2263 was published for org.jenkins-ci.plugins:radiatorviewplugin (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Incorrect permission check in Health Advisor by CloudBees Plugin Moderate
CVE-2020-2258 was published for org.jenkins-ci.plugins:cloudbees-jenkins-advisor (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Stored XSS vulnerability in Validating String Parameter Plugin High
CVE-2020-2257 was published for org.jenkins-ci.plugins:validating-string-parameter (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Stored XSS vulnerability in computer-queue-plugin Plugin High
CVE-2020-2259 was published for jenkins.ci.plugins.computerqueue:computer-queue-plugin (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Path traversal vulnerability in Blue Ocean Plugin Moderate
CVE-2020-2254 was published for io.jenkins.blueocean:blueocean (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Missing hostname validation in Email Extension Plugin Moderate
CVE-2020-2253 was published for org.jenkins-ci.plugins:email-ext (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Passwords stored in plain text by Jenkins ReadyAPI Functional Testing Plugin Moderate
CVE-2020-2250 was published for org.jenkins-ci.plugins:soapui-pro-functional-testing (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
XXE vulnerability in Jenkins Klocwork Analysis Plugin High
CVE-2020-2247 was published for org.jenkins-ci.plugins:klocwork (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Stored XSS vulnerability in Jenkins Cadence vManager Plugin High
CVE-2020-2243 was published for org.jenkins-ci.plugins:vmanager-plugin (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Reflected XSS vulnerability in Jenkins JSGames Plugin High
CVE-2020-2248 was published for org.jenkins-ci.plugins:jsgames (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Passwords transmitted in plain text by Jenkins ReadyAPI Functional Testing Plugin Moderate
CVE-2020-2251 was published for org.jenkins-ci.plugins:soapui-pro-functional-testing (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
XSS vulnerability in Jenkins Build Failure Analyzer Plugin High
CVE-2020-2244 was published for com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Credentials stored in plain text by Jenkins tfs Plugin Low
CVE-2020-2249 was published for org.jenkins-ci.plugins:tfs (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Missing permission checks in Jenkins Database Plugin Moderate
CVE-2020-2242 was published for org.jenkins-ci.plugins:database (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
XXE vulnerability in Jenkins Valgrind Plugin High
CVE-2020-2245 was published for org.jenkins-ci.plugins:valgrind (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Stored XSS vulnerability in Jenkins Valgrind Plugin High
CVE-2020-2246 was published for org.jenkins-ci.plugins:valgrind (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
CSRF vulnerability in Jenkins Database Plugin High
CVE-2020-2240 was published for org.jenkins-ci.plugins:database (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Stored XSS vulnerability in Jenkins Git Parameter Plugin High
CVE-2020-2238 was published for org.jenkins-ci.tools:git-parameter (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database