GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
335 advisories
Filter by severity
XXE vulnerability in Jenkins Mercurial Plugin
Moderate
CVE-2020-2305
was published
for
org.jenkins-ci.plugins:mercurial
(Maven)
May 24, 2022
Missing permission check in Jenkins Active Directory Plugin allows accessing domain health check page
Moderate
CVE-2020-2302
was published
for
org.jenkins-ci.plugins:active-directory
(Maven)
May 24, 2022
CSRF vulnerability in Jenkins Active Directory Plugin
Moderate
CVE-2020-2303
was published
for
org.jenkins-ci.plugins:active-directory
(Maven)
May 24, 2022
XXE vulnerability in Jenkins Subversion Plugin
Moderate
CVE-2020-2304
was published
for
org.jenkins-ci.plugins:subversion
(Maven)
May 24, 2022
XXE vulnerability in Jenkins Nerrvana Plugin
Moderate
CVE-2020-2298
was published
for
org.jenkins-ci.plugins:nerrvana-plugin
(Maven)
May 24, 2022
CSRF vulnerability in Jenkins Maven Cascade Release Plugin
Moderate
CVE-2020-2295
was published
for
com.barchart.jenkins:maven-release-cascade
(Maven)
May 24, 2022
Missing permission checks in Jenkins Maven Cascade Release Plugin
Moderate
CVE-2020-2294
was published
for
com.barchart.jenkins:maven-release-cascade
(Maven)
May 24, 2022
CSRF vulnerability in Jenkins Shared Objects Plugin
Moderate
CVE-2020-2296
was published
for
org.jenkins-ci.plugins:shared-objects
(Maven)
May 24, 2022
Arbitrary file read vulnerability in Jenkins Persona Plugin
Moderate
CVE-2020-2293
was published
for
org.jenkins-ci.plugins:persona
(Maven)
May 24, 2022
Stored XSS vulnerability in Jenkins Active Choices Plugin
Moderate
CVE-2020-2289
was published
for
org.biouno:uno-choice
(Maven)
May 24, 2022
Stored XSS vulnerability in Jenkins Active Choices Plugin
Moderate
CVE-2020-2290
was published
for
org.biouno:uno-choice
(Maven)
May 24, 2022
Stored XSS vulnerability in Jenkins Release Plugin
Moderate
CVE-2020-2292
was published
for
org.jenkins-ci.plugins:release
(Maven)
May 24, 2022
Incorrect default pattern in Jenkins Audit Trail Plugin
Moderate
CVE-2020-2288
was published
for
org.jenkins-ci.plugins:audit-trail
(Maven)
May 24, 2022
Missing permission check in Jenkins Liquibase Runner Plugin allows enumerating credentials IDs
Moderate
CVE-2020-2285
was published
for
org.jenkins-ci.plugins:liquibase-runner
(Maven)
May 24, 2022
CSRF vulnerability in Jenkins Lockable Resources Plugin
Moderate
CVE-2020-2281
was published
for
org.6wind.jenkins:lockable-resources
(Maven)
May 24, 2022
Stored XSS vulnerability in Jenkins Liquibase Runner Plugin
Moderate
CVE-2020-2283
was published
for
org.jenkins-ci.plugins:liquibase-runner
(Maven)
May 24, 2022
Missing permission check in Jenkins Implied Labels Plugin allows reconfiguring the plugin
Moderate
CVE-2020-2282
was published
for
org.jenkins-ci.plugins:implied-labels
(Maven)
May 24, 2022
Arbitrary file read vulnerability in Copy data to workspace Jenkins Plugin
Moderate
CVE-2020-2275
was published
for
org.jvnet.hudson.plugins:copy-data-to-workspace-plugin
(Maven)
May 24, 2022
Passwords stored in plain text by ElasTest Plugin
Moderate
CVE-2020-2274
was published
for
org.jenkins-ci.plugins:elastest
(Maven)
May 24, 2022
Arbitrary file read vulnerability in Jenkins Storable Configs Plugin
Moderate
CVE-2020-2277
was published
for
org.jvnet.hudson.plugins:storable-configs-plugin
(Maven)
May 24, 2022
CSRF vulnerability in Jenkins ElasTest Plugin
Moderate
CVE-2020-2273
was published
for
org.jenkins-ci.plugins:elastest
(Maven)
May 24, 2022
Arbitrary file write vulnerability in Jenkins Storable Configs Plugin
Moderate
CVE-2020-2278
was published
for
org.jvnet.hudson.plugins:storable-configs-plugin
(Maven)
May 24, 2022
Missing permission checks in Jenkins ElasTest Plugin
Moderate
CVE-2020-2272
was published
for
org.jenkins-ci.plugins:elastest
(Maven)
May 24, 2022
Missing permission checks in MongoDB Plugin
Moderate
CVE-2020-2267
was published
for
org.jenkins-ci.plugins:mongodb
(Maven)
May 24, 2022
Missing permission check in Perfecto Plugin
Moderate
CVE-2020-2260
was published
for
io.jenkins.plugins:perfecto
(Maven)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API