Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

19 advisories

Loading
Secret stored in plain text by Jenkins Parameterized Remote Trigger Plugin Low
CVE-2020-2239 was published for org.jenkins-ci.plugins:Parameterized-Remote-Trigger (Maven) May 24, 2022
NotMyFault
Credentials stored in plain text by Jenkins tfs Plugin Low
CVE-2020-2249 was published for org.jenkins-ci.plugins:tfs (Maven) May 24, 2022
NotMyFault
Jenkins AWS Elastic Beanstalk Publisher Plugin stores credentials in plain text Low
CVE-2019-1003052 was published for org.jenkins-ci.plugins:aws-beanstalk-publisher-plugin (Maven) May 13, 2022
Jenkins IRC Plugin stores credentials in plain text Low
CVE-2019-1003051 was published for org.jvnet.hudson.plugins:ircbot (Maven) May 13, 2022
Jenkins Bitbucket Approve Plugin stores credentials in plain text Low
CVE-2019-1003057 was published for org.jenkins-ci.plugins:bitbucket-approve (Maven) May 13, 2022
Jenkins OWASP ZAP Plugin stores unencrypted credentials Low
CVE-2019-1003060 was published for org.jenkins-ci.plugins:zap (Maven) May 13, 2022
Jenkins veracode-scanner Plugin stores credentials in plain text Low
CVE-2019-1003070 was published for org.jenkins-ci.plugins:veracode-scanner (Maven) May 13, 2022
Jenkins aws-device-farm Plugin stores credentials in plain text Low
CVE-2019-1003064 was published for org.jenkins-ci.plugins:aws-device-farm (Maven) May 13, 2022
Jenkins FTP publisher Plugin stores credentials in plain text Low
CVE-2019-1003055 was published for org.jvnet.hudson.plugins:ftppublisher (Maven) May 13, 2022
Jenkins Aqua Security Scanner Plugin stores credentials in plain text Low
CVE-2019-1003069 was published for org.jenkins-ci.plugins:aqua-security-scanner (Maven) May 13, 2022
Jenkins Amazon SNS Build Notifier Plugin stores credentials in plain text Low
CVE-2019-1003063 was published for org.jenkins-ci.plugins:snsnotify (Maven) May 13, 2022
Jenkins Bugzilla Plugin stores credentials in plain text Low
CVE-2019-1003066 was published for org.jvnet.hudson.plugins:bugzilla (Maven) May 13, 2022
Jenkins AWS CloudWatch Logs Publisher Plugin stores credentials in plain text Low
CVE-2019-1003062 was published for org.jenkins-ci.plugins:aws-cloudwatch-logs-publisher (Maven) May 13, 2022
Jenkins CloudShare Docker-Machine Plugin stores credentials in plain text Low
CVE-2019-1003065 was published for org.jenkins-ci.plugins:cloudshare-docker (Maven) May 13, 2022
Jenkins Octopus Deploy Plugin stores credentials in plain text Low
CVE-2019-1003071 was published for hudson.plugins.octopusdeploy:octopusdeploy (Maven) May 13, 2022
Jenkins Audit to Database Plugin stores credentials in plain text Low
CVE-2019-1003075 was published for org.jenkins-ci.plugins:audit2db (Maven) May 13, 2022
Jenkins hyper.sh Commons Plugin stores credentials in plain text Low
CVE-2019-1003074 was published for sh.hyper.plugins:hyper-commons (Maven) May 13, 2022
Jenkins PRQA Plugin stored password in plain text Low
CVE-2019-1003048 was published for com.programmingresearch:prqa-plugin (Maven) May 13, 2022
Client Secret stored in plain text by Jenkins GitLab Authentication Plugin Low
CVE-2022-27206 was published for org.jenkins-ci.plugins:gitlab-oauth (Maven) Mar 16, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database