Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,727
Erlang
29
GitHub Actions
16
Go
1,709
Maven
4,946
npm
3,474
NuGet
605
pip
2,999
Pub
10
RubyGems
828
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+

624 advisories

Stored XSS vulnerability in ClearCase Release Plugin High
CVE-2020-2270 was published for org.jvnet.hudson.plugins:clearcase-release (Maven) May 24, 2022
NotMyFault
OS command execution vulnerability in Perfecto Plugin High
CVE-2020-2261 was published for io.jenkins.plugins:perfecto (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Description Column Plugin High
CVE-2020-2266 was published for org.jenkins-ci.plugins:description-column-plugin (Maven) May 24, 2022
NotMyFault
Improper authorization of users and groups with the same base name in Jenkins GitLab Authentication Plugin High
CVE-2020-2228 was published for org.jenkins-ci.plugins:gitlab-oauth (Maven) May 24, 2022
NotMyFault
Missing permission checks in MongoDB Plugin Moderate
CVE-2020-2267 was published for org.jenkins-ci.plugins:mongodb (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in android-lint Plugin High
CVE-2020-2262 was published for org.jvnet.hudson.plugins:android-lint (Maven) May 24, 2022
NotMyFault
Arbitrary file read vulnerability in Copy data to workspace Jenkins Plugin Moderate
CVE-2020-2275 was published for org.jvnet.hudson.plugins:copy-data-to-workspace-plugin (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Radiator View Plugin High
CVE-2020-2263 was published for org.jenkins-ci.plugins:radiatorviewplugin (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in chosen-views-tabbar Plugin High
CVE-2020-2269 was published for org.jenkins-ci.plugins:chosen-views-tabbar (Maven) May 24, 2022
NotMyFault
Passwords transmitted in plain text by Jenkins Stash Branch Parameter Plugin Low
CVE-2020-2210 was published for org.jenkins-ci.plugins:StashBranchParameter (Maven) May 24, 2022
NotMyFault
RCE vulnerability in ElasticBox Jenkins Kubernetes CI/CD Plugin High
CVE-2020-2211 was published for com.elasticbox.jenkins-ci.plugins:kubernetes-ci (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Coverage/Complexity Scatter Plot Plugin High
CVE-2020-2265 was published for org.jenkins-ci.plugins:covcomplplot (Maven) May 24, 2022
NotMyFault
Missing permission check in Perfecto Plugin Moderate
CVE-2020-2260 was published for io.jenkins.plugins:perfecto (Maven) May 24, 2022
NotMyFault
CSRF vulnerability in Jenkins Zephyr for JIRA Test Management Plugin Moderate
CVE-2020-2215 was published for org.jenkins-ci.plugins:zephyr-for-jira-test-management (Maven) May 24, 2022
NotMyFault
Content-Security-Policy protection for user content disabled by Jenkins ZAP Pipeline Plugin Moderate
CVE-2020-2214 was published for com.vrondakis.zap:zap-pipeline (Maven) May 24, 2022
NotMyFault
System command execution vulnerability in Selection tasks Jenkins Plugin High
CVE-2020-2276 was published for org.jvnet.hudson.plugins:selection-tasks-plugin (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Custom Job Icon Plugin High
CVE-2020-2264 was published for org.jenkins-ci.plugins:custom-job-icon (Maven) May 24, 2022
NotMyFault
XSS vulnerability in Jenkins useMango Runner Plugin Moderate
CVE-2020-2176 was published for it.infuse.jenkins:usemango-runner (Maven) May 24, 2022
NotMyFault
Complete lack of CSRF protection in Jenkins Selenium Plugin can lead to OS command injection High
CVE-2020-2196 was published for org.jenkins-ci.plugins:selenium (Maven) May 24, 2022
NotMyFault
XXE vulnerability in Jenkins Valgrind Plugin High
CVE-2020-2245 was published for org.jenkins-ci.plugins:valgrind (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Jenkins ECharts API Plugin Moderate
CVE-2020-2193 was published for io.jenkins.plugins:echarts-api (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Jenkins ECharts API Plugin Moderate
CVE-2020-2194 was published for io.jenkins.plugins:echarts-api (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Jenkins Cadence vManager Plugin High
CVE-2020-2243 was published for org.jenkins-ci.plugins:vmanager-plugin (Maven) May 24, 2022
NotMyFault
Reflected XSS vulnerability in Jenkins JSGames Plugin High
CVE-2020-2248 was published for org.jenkins-ci.plugins:jsgames (Maven) May 24, 2022
NotMyFault
Reflected XSS vulnerability in Jenkins AWSEB Deployment Plugin Moderate
CVE-2020-2174 was published for br.com.ingenieux.jenkins.plugins:awseb-deployment-plugin (Maven) May 24, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API