GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,727
Erlang
29
GitHub Actions
16
Go
1,709
Maven
4,946
npm
3,474
NuGet
605
pip
3,000
Pub
10
RubyGems
828
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+
335 advisories
Filter by severity
Jenkins Deployer Framework Plugin does not restrict application path of applications when configuring a deployment
Moderate
CVE-2022-36889
was published
for
org.jenkins-ci.plugins:deployer-framework
(Maven)
Jul 28, 2022
Missing permission check in Jenkins OpenShift Deployer Plugin
Moderate
CVE-2022-36907
was published
for
org.jenkins-ci.plugins:openshift-deployer
(Maven)
Jul 28, 2022
CSRF vulnerability in Jenkins OpenShift Deployer Plugin
Moderate
CVE-2022-36906
was published
for
org.jenkins-ci.plugins:openshift-deployer
(Maven)
Jul 28, 2022
CSRF vulnerability in Jenkins OpenShift Deployer Plugin
Moderate
CVE-2022-36908
was published
for
org.jenkins-ci.plugins:openshift-deployer
(Maven)
Jul 28, 2022
Missing permission check in Jenkins OpenShift Deployer Plugin
Moderate
CVE-2022-36909
was published
for
org.jenkins-ci.plugins:openshift-deployer
(Maven)
Jul 28, 2022
CSRF vulnerability in Jenkins Google Cloud Backup Plugin
Moderate
CVE-2022-36916
was published
for
org.jenkins-ci.plugins:google-cloud-backup
(Maven)
Jul 28, 2022
Missing permission checks in Jenkins openstack-heat Plugin
Moderate
CVE-2022-36912
was published
for
org.jenkins-ci.plugins:openstack-heat
(Maven)
Jul 28, 2022
CSRF vulnerability in Jenkins openstack-heat Plugin
Moderate
CVE-2022-36911
was published
for
org.jenkins-ci.plugins:openstack-heat
(Maven)
Jul 28, 2022
Cross-Site Request Forgery in Jenkins Failed Job Deactivator Plugin
Moderate
CVE-2022-34817
was published
for
de.einsundeins.jenkins.plugins.failedjobdeactivator:failedJobDeactivator
(Maven)
Jul 1, 2022
Cross-Site Request Forgery in Jenkins XPath Configuration Viewer Plugin
Moderate
CVE-2022-34812
was published
for
org.jenkins-ci.plugins:xpath-config-viewer
(Maven)
Jul 1, 2022
Cross-Site Request Forgery in Jenkins Request Rename Or Delete Plugin
Moderate
CVE-2022-34815
was published
for
org.jenkins-ci.plugins:rrod
(Maven)
Jul 1, 2022
Jenkins RQM Plugin allows enumerating credentials IDs due to missing permission check
Moderate
CVE-2022-34810
was published
for
net.praqma:rqm-plugin
(Maven)
Jul 1, 2022
Missing Authorization in Jenkins XPath Configuration Viewer Plugin
Moderate
CVE-2022-34811
was published
for
org.jenkins-ci.plugins:xpath-config-viewer
(Maven)
Jul 1, 2022
Incorrect Authorization in Jenkins Request Rename Or Delete Plugin
Moderate
CVE-2022-34814
was published
for
org.jenkins-ci.plugins:rrod
(Maven)
Jul 1, 2022
Jenkins Matrix Reloaded Plugin vulnerable to CSRF
Moderate
CVE-2022-34789
was published
for
net.praqma:matrix-reloaded
(Maven)
Jul 1, 2022
Missing permission checks in Jenkins XebiaLabs XL Release Plugin allow capturing credentials
Moderate
CVE-2022-34781
was published
for
com.xebialabs.ci:xlrelease-plugin
(Maven)
Jul 1, 2022
CSRF vulnerability in Jenkins XebiaLabs XL Release Plugin allow capturing credentials
Moderate
CVE-2022-34780
was published
for
com.xebialabs.ci:xlrelease-plugin
(Maven)
Jul 1, 2022
Missing permission checks in Jenkins XebiaLabs XL Release Plugin allow enumerating credentials IDs
Moderate
CVE-2022-34779
was published
for
com.xebialabs.ci:xlrelease-plugin
(Maven)
Jul 1, 2022
Incorrect Authorization in Jenkins requests-plugin
Moderate
CVE-2022-34782
was published
for
org.jenkins-ci.plugins:requests
(Maven)
Jul 1, 2022
Missing Authorization in Jenkins Deployment Dashboard Plugin
Moderate
CVE-2022-34798
was published
for
org.jenkins-ci.plugins:ec2-deployment-dashboard
(Maven)
Jul 1, 2022
Cross-Site Request Forgery in Jenkins Deployment Dashboard Plugin
Moderate
CVE-2022-34797
was published
for
org.jenkins-ci.plugins:ec2-deployment-dashboard
(Maven)
Jul 1, 2022
Cross-Site Request Forgery in Jenkins Jianliao Notification Plugin
Moderate
CVE-2022-34205
was published
for
org.jenkins-ci.plugins:jianliao
(Maven)
Jun 24, 2022
Missing permission check in Jenkins ThreadFix Plugin
Moderate
CVE-2022-34210
was published
for
org.jenkins-ci.plugins:threadfix
(Maven)
Jun 24, 2022
Missing permission check in Jenkins vRealize Orchestrator Plugin
Moderate
CVE-2022-34212
was published
for
org.jenkins-ci.plugins:vmware-vrealize-orchestrator
(Maven)
Jun 24, 2022
Cross-Site Request Forgery in Jenkins ThreadFix Plugin
Moderate
CVE-2022-34209
was published
for
org.jenkins-ci.plugins:threadfix
(Maven)
Jun 24, 2022
ProTip!
Advisories are also available from the
GraphQL API