GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,030
Maven
5,000+
npm
3,732
NuGet
662
pip
3,409
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+
624 advisories
Filter by severity
Stored Cross-site Scripting vulnerability in Jenkins Custom Checkbox Parameter Plugin
High
CVE-2022-25189
was published
for
io.jenkins.plugins:custom-checkbox-parameter
(Maven)
Feb 16, 2022
Path traversal vulnerability in Jenkins Fortify Plugin
Moderate
CVE-2022-25188
was published
for
org.jenkins-ci.plugins:fortify
(Maven)
Feb 16, 2022
Stored Cross-site Scripting vulnerability in Jenkins Agent Server Parameter Plugin
High
CVE-2022-25191
was published
for
io.jenkins.plugins:agent-server-parameter
(Maven)
Feb 16, 2022
Missing permission check in Jenkins Conjur Secrets Plugin allows enumerating credentials IDs
Moderate
CVE-2022-25190
was published
for
org.conjur.jenkins:conjur-credentials
(Maven)
Feb 16, 2022
Jenkins Snow Commander Plugin 2.0 vulnerable to Cross-Site Request Forgery
Moderate
CVE-2022-25192
was published
for
io.jenkins.plugins:embotics-vcommander
(Maven)
Feb 16, 2022
Jenkins Snow Commander Plugin prior to 2.0 vulnerable to Missing Authorization
Moderate
CVE-2022-25193
was published
for
io.jenkins.plugins:embotics-vcommander
(Maven)
Feb 16, 2022
CSRF vulnerability in Jenkins autonomiq plugin
High
CVE-2022-25194
was published
for
io.jenkins.plugins:autonomiq
(Maven)
Feb 16, 2022
Open redirect vulnerability in Jenkins GitLab Authentication Plugin
Moderate
CVE-2022-25196
was published
for
org.jenkins-ci.plugins:gitlab-oauth
(Maven)
Feb 16, 2022
CSRF vulnerability in Jenkins SCP publisher Plugin
High
CVE-2022-25198
was published
for
org.jenkins-ci.plugins:scp
(Maven)
Feb 16, 2022
Agent-to-controller security bypass in Jenkins HashiCorp Vault Plugin allows reading arbitrary files
Moderate
CVE-2022-25197
was published
for
com.datapipe.jenkins.plugins:hashicorp-vault-plugin
(Maven)
Feb 16, 2022
CSRF vulnerability in Jenkins Checkmarx Plugin allow capturing credentials
Moderate
CVE-2022-25200
was published
for
com.checkmarx.jenkins:checkmarx
(Maven)
Feb 16, 2022
Missing permission check in Jenkins SCP publisher Plugin
High
CVE-2022-25199
was published
for
org.jenkins-ci.plugins:scp
(Maven)
Feb 16, 2022
Stored Cross-site Scripting vulnerability in Jenkins Promoted Builds (Simple) Plugin
Moderate
CVE-2022-25202
was published
for
org.jenkins-ci.plugins:promoted-builds-simple
(Maven)
Feb 16, 2022
Missing permission checks in Jenkins Checkmarx Plugin allow capturing credentials
Moderate
CVE-2022-25201
was published
for
com.checkmarx.jenkins:checkmarx
(Maven)
Feb 16, 2022
Stored Cross-site Scripting vulnerability in Jenkins Team Views Plugin
Moderate
CVE-2022-25203
was published
for
com.sonymobile.jenkins.plugins.teamviews:team-views
(Maven)
Feb 16, 2022
Protection Mechanism Failure in Jenkins Doktor Plugin
Moderate
CVE-2022-25204
was published
for
by.dev.madhead.doktor:doktor
(Maven)
Feb 16, 2022
Cross-Site Request Forgery in Jenkins dbCharts Plugin
High
CVE-2022-25205
was published
for
org.jenkins-ci.plugins:dbCharts
(Maven)
Feb 16, 2022
Missing Authorization in Jenkins dbCharts Plugin
High
CVE-2022-25206
was published
for
org.jenkins-ci.plugins:dbCharts
(Maven)
Feb 16, 2022
CSRF vulnerability in Jenkins Chef Sinatra Plugin allow XXE
High
CVE-2022-25207
was published
for
org.jenkins-ci.plugins:sinatra-chef-builder
(Maven)
Feb 16, 2022
Missing permission checks in Jenkins Chef Sinatra Plugin allow XXE
High
CVE-2022-25208
was published
for
org.jenkins-ci.plugins:sinatra-chef-builder
(Maven)
Feb 16, 2022
Improper Restriction of XML External Entity Reference in Jenkins Chef Sinatra
High
CVE-2022-25209
was published
for
org.jenkins-ci.plugins:sinatra-chef-builder
(Maven)
Feb 16, 2022
Improper Synchronization in Jenkins Convertigo Mobile Platform Plugin
Low
CVE-2022-25210
was published
for
com.convertigo.jenkins.plugins:convertigo-mobile-platform
(Maven)
Feb 16, 2022
Missing permission check in Jenkins SWAMP Plugin allows capturing credentials
Moderate
CVE-2022-25211
was published
for
org.continuousassurance.swamp.jenkins:swamp
(Maven)
Feb 16, 2022
CSRF vulnerability in Jenkins SWAMP Plugin allows capturing credentials
Moderate
CVE-2022-25212
was published
for
org.continuousassurance.swamp.jenkins:swamp
(Maven)
Feb 16, 2022
Request logging bypass in Jenkins Audit Trail Plugin
Moderate
CVE-2020-2287
was published
for
org.jenkins-ci.plugins:audit-trail
(Maven)
Feb 10, 2022
ProTip!
Advisories are also available from the
GraphQL API