Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

6 advisories

Loading
Improper Input Validation in Jenkins Low
CVE-2017-1000401 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
Jetty invalid URI parsing may produce invalid HttpURI.authority Low
CVE-2022-2047 was published for org.eclipse.jetty:jetty-http (Maven) Jul 7, 2022
rafax00
Data Amplification in Play Framework Low
CVE-2020-28923 was published for com.typesafe.play:play (Maven) Feb 9, 2022
Jenkins Resource Disposer Plugin allows attacker to stop tracking specified resource Low
CVE-2018-1999037 was published for org.jenkins-ci.plugins:resource-disposer (Maven) May 14, 2022
Apache Druid: Users can provide MySQL JDBC properties not on allow list Low
CVE-2024-45537 was published for org.apache.druid:druid (Maven) Sep 17, 2024
sigstore-java has a vulnerability with bundle verification Low
CVE-2024-54140 was published for dev.sigstore:sigstore-java (Maven) Dec 5, 2024
loosebazooka
ProTip! Advisories are also available from the GraphQL API