Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

624 advisories

Loading
Passwords stored in plain text by Jenkins Artifactory Plugin Low
CVE-2020-2164 was published for org.jenkins-ci.plugins:artifactory (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
OS command injection in CryptoMove Plugin High
CVE-2020-2159 was published for io.jenkins.plugins:cryptomove (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Credentials transmitted in plain text by Skytap Cloud CI Plugin Low
CVE-2020-2157 was published for org.jenkins-ci.plugins:skytap (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Remote Code Execution vulnerability in Jenkins Literate Plugin High
CVE-2020-2158 was published for org.jenkins-ci.plugins:literate (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Jenkins Subversion Release Manager Plugin vulnerable to cross-site scripting (XSS) Moderate
CVE-2020-2152 was published for org.jvnet.hudson.plugins:svn-release-mgr (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Credentials transmitted in plain text by Jenkins DeployHub Plugin Low
CVE-2020-2156 was published for com.openmake:deployhub (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Credentials transmitted in plain text by Backlog Plugin Low
CVE-2020-2153 was published for org.jenkins-ci.plugins:backlog (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Missing permission checks in Mac Plugin Moderate
CVE-2020-2148 was published for fr.edf.jenkins.plugins:mac (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Missing SSH host key validation in Mac Plugin Moderate
CVE-2020-2146 was published for fr.edf.jenkins.plugins:mac (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Credentials transmitted in plain text by OpenShift Deployer Plugin Low
CVE-2020-2155 was published for org.jenkins-ci.plugins:openshift-deployer (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Jenkins Zephyr for JIRA Test Management Plugin stores credentials in plain text Low
CVE-2020-2154 was published for org.jenkins-ci.plugins:zephyr-for-jira-test-management (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
XXE vulnerability in Rundeck Plugin High
CVE-2020-2144 was published for org.jenkins-ci.plugins:rundeck (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
XXE vulnerability in Jenkins Cobertura Plugin High
CVE-2020-2138 was published for org.jenkins-ci.plugins:cobertura (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
CSRF vulnerability in Mac Plugin Moderate
CVE-2020-2147 was published for fr.edf.jenkins.plugins:mac (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Jenkins Quality Gates Plugin transmits credentials in plain text during configuration Low
CVE-2020-2151 was published for org.jenkins-ci.plugins:quality-gates (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Jenkins Sonar Quality Gates Plugin transmits credentials in plain text during configuration Low
CVE-2020-2150 was published for org.jenkins-ci.plugins:sonar-quality-gates (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
CSRF vulnerability in Jenkins P4 Plugin Moderate
CVE-2020-2141 was published for org.jenkins-ci.plugins:p4 (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Credentials transmitted in plain text by Repository Connector Plugin Low
CVE-2020-2149 was published for org.jenkins-ci.plugins:repository-connector (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Credentials transmitted in plain text by Jenkins Logstash Plugin Low
CVE-2020-2143 was published for org.jenkins-ci.plugins:logstash (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Missing permission checks in Jenkins P4 Plugin Moderate
CVE-2020-2142 was published for org.jenkins-ci.plugins:p4 (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Credentials stored in plain text by Zephyr Enterprise Test Management Plugin Low
CVE-2020-2145 was published for org.jenkins-ci.plugins:zephyr-enterprise-test-management (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Stored XSS vulnerability in Jenkins Timestamper Plugin Moderate
CVE-2020-2137 was published for org.jenkins-ci.plugins:timestamper (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Arbitrary file write vulnerability in Jenkins Cobertura Plugin Moderate
CVE-2020-2139 was published for org.jenkins-ci.plugins:cobertura (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
XSS vulnerability in Jenkins Audit Trail Plugin Moderate
CVE-2020-2140 was published for org.jenkins-ci.plugins:audit-trail (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Sandbox bypass vulnerability in Script Security Plugin High
CVE-2020-2134 was published for org.jenkins-ci.plugins:script-security (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database