Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,814
Erlang
36
GitHub Actions
32
Go
2,399
Maven
5,000+
npm
4,040
NuGet
722
pip
3,829
Pub
12
RubyGems
932
Rust
1,002
Swift
38
Unreviewed advisories
All unreviewed
5,000+

330 advisories

Loading
Missing permission check in Jenkins XL TestView Plugin Moderate
CVE-2019-10387 was published for com.xebialabs.xlt.ci:xltestview-plugin (Maven) May 24, 2022
Missing permission check in Jenkins Relution Enterprise Appstore Publisher Plugin Moderate
CVE-2019-10389 was published for org.jenkins-ci.plugins:relution-publisher (Maven) May 24, 2022
Jenkins JClouds Plugin missing permission check Moderate
CVE-2019-10369 was published for org.jenkins-ci.plugins:jclouds-jenkins (Maven) May 24, 2022
Missing permission check in Jenkins Avatar Plugin Moderate
CVE-2019-10377 was published for net.hurstfrost.jenkins:avatar (Maven) May 24, 2022
Missing Authorization in Jenkins Pipeline: Shared Groovy Libraries Plugin Moderate
CVE-2019-10357 was published for org.jenkins-ci.plugins.workflow:workflow-cps-global-lib (Maven) May 24, 2022
dbolkensteyn
Missing Authorization in Jenkins Configuration as Code Plugin Moderate
CVE-2019-10344 was published for io.jenkins:configuration-as-code (Maven) May 24, 2022
Missing Authorization in Jenkins Moderate
CVE-2019-10354 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
Missing permission check in Jenkins Docker Plugin Moderate
CVE-2019-10342 was published for io.jenkins.docker:docker-plugin (Maven) May 24, 2022
Missing permission check in Jenkins Docker Plugin Moderate
CVE-2019-10341 was published for io.jenkins.docker:docker-plugin (Maven) May 24, 2022
Jenkins ElectricFlow Plugin missing permission check Moderate
CVE-2019-10332 was published for org.jenkins-ci.plugins:electricflow (Maven) May 24, 2022
Jenkins ElectricFlow Plugin Missing permission checks Moderate
CVE-2019-10333 was published for org.jenkins-ci.plugins:electricflow (Maven) May 24, 2022
Jenkins JX Resources Plugin missing permission check Moderate
CVE-2019-10339 was published for org.jenkins-ci.plugins:jx-resources (Maven) May 24, 2022
Missing permission check in Jenkins PAM Authentication Plugin Moderate
CVE-2019-10319 was published for org.jenkins-ci.plugins:pam-auth (Maven) May 24, 2022
Jenkins Ansible Tower Plugin missing permission check High
CVE-2019-10311 was published for org.jenkins-ci.plugins:ansible-tower (Maven) May 24, 2022
Missing permission check in Jenkins Ansible Tower Plugin Moderate
CVE-2019-10312 was published for org.jenkins-ci.plugins:ansible-tower (Maven) May 24, 2022
Missing permission check in Jenkins Static Analysis Utilities Plugin Moderate
CVE-2019-10308 was published for org.jvnet.hudson.plugins:analysis-core (Maven) May 24, 2022
Jenkins GitLab Plugin missing permission checks High
CVE-2019-10301 was published for org.jenkins-ci.plugins:gitlab-plugin (Maven) May 24, 2022
Missing permission check in Jenkins XebiaLabs XL Deploy Plugin Moderate
CVE-2019-10305 was published for com.xebialabs.deployit.ci:deployit-plugin (Maven) May 24, 2022
Regular expression denial of service in Apache ShenYu High
CVE-2022-26650 was published for org.apache.shenyu:shenyu (Maven) May 18, 2022
Missing permission check in Jenkins Blue Ocean Plugin Moderate
CVE-2022-30954 was published for io.jenkins.blueocean:blueocean-parent (Maven) May 18, 2022
NotMyFault
Missing permission check in Jenkins SSH Plugin Moderate
CVE-2022-30957 was published for org.jenkins-ci.plugins:ssh (Maven) May 18, 2022
Missing permission check in Jenkins GitLab Plugin Moderate
CVE-2022-30955 was published for org.jenkins-ci.plugins:gitlab-plugin (Maven) May 18, 2022
NotMyFault
Missing Authorization in Jenkins WMI Windows Agents plugin Moderate
CVE-2022-30951 was published for org.jenkins-ci.plugins:windows-slaves (Maven) May 18, 2022
NotMyFault
Missing Authorization in Jenkins SSH plugin High
CVE-2022-30959 was published for org.jenkins-ci.plugins:ssh (Maven) May 18, 2022
NotMyFault
Apache Archiva does not require entry of the administrator's password at the time of modifying a user account Moderate
CVE-2010-4408 was published for org.apache.archiva:archiva (Maven) May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database