GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,727
Erlang
29
GitHub Actions
16
Go
1,709
Maven
4,946
npm
3,474
NuGet
605
pip
2,999
Pub
10
RubyGems
828
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+
624 advisories
Filter by severity
Stored XSS vulnerability in ClearCase Release Plugin
High
CVE-2020-2270
was published
for
org.jvnet.hudson.plugins:clearcase-release
(Maven)
May 24, 2022
OS command execution vulnerability in Perfecto Plugin
High
CVE-2020-2261
was published
for
io.jenkins.plugins:perfecto
(Maven)
May 24, 2022
Stored XSS vulnerability in Description Column Plugin
High
CVE-2020-2266
was published
for
org.jenkins-ci.plugins:description-column-plugin
(Maven)
May 24, 2022
Improper authorization of users and groups with the same base name in Jenkins GitLab Authentication Plugin
High
CVE-2020-2228
was published
for
org.jenkins-ci.plugins:gitlab-oauth
(Maven)
May 24, 2022
Missing permission checks in MongoDB Plugin
Moderate
CVE-2020-2267
was published
for
org.jenkins-ci.plugins:mongodb
(Maven)
May 24, 2022
Stored XSS vulnerability in android-lint Plugin
High
CVE-2020-2262
was published
for
org.jvnet.hudson.plugins:android-lint
(Maven)
May 24, 2022
Arbitrary file read vulnerability in Copy data to workspace Jenkins Plugin
Moderate
CVE-2020-2275
was published
for
org.jvnet.hudson.plugins:copy-data-to-workspace-plugin
(Maven)
May 24, 2022
Stored XSS vulnerability in Radiator View Plugin
High
CVE-2020-2263
was published
for
org.jenkins-ci.plugins:radiatorviewplugin
(Maven)
May 24, 2022
Stored XSS vulnerability in chosen-views-tabbar Plugin
High
CVE-2020-2269
was published
for
org.jenkins-ci.plugins:chosen-views-tabbar
(Maven)
May 24, 2022
Passwords transmitted in plain text by Jenkins Stash Branch Parameter Plugin
Low
CVE-2020-2210
was published
for
org.jenkins-ci.plugins:StashBranchParameter
(Maven)
May 24, 2022
RCE vulnerability in ElasticBox Jenkins Kubernetes CI/CD Plugin
High
CVE-2020-2211
was published
for
com.elasticbox.jenkins-ci.plugins:kubernetes-ci
(Maven)
May 24, 2022
Stored XSS vulnerability in Coverage/Complexity Scatter Plot Plugin
High
CVE-2020-2265
was published
for
org.jenkins-ci.plugins:covcomplplot
(Maven)
May 24, 2022
Missing permission check in Perfecto Plugin
Moderate
CVE-2020-2260
was published
for
io.jenkins.plugins:perfecto
(Maven)
May 24, 2022
CSRF vulnerability in Jenkins Zephyr for JIRA Test Management Plugin
Moderate
CVE-2020-2215
was published
for
org.jenkins-ci.plugins:zephyr-for-jira-test-management
(Maven)
May 24, 2022
Content-Security-Policy protection for user content disabled by Jenkins ZAP Pipeline Plugin
Moderate
CVE-2020-2214
was published
for
com.vrondakis.zap:zap-pipeline
(Maven)
May 24, 2022
System command execution vulnerability in Selection tasks Jenkins Plugin
High
CVE-2020-2276
was published
for
org.jvnet.hudson.plugins:selection-tasks-plugin
(Maven)
May 24, 2022
Stored XSS vulnerability in Custom Job Icon Plugin
High
CVE-2020-2264
was published
for
org.jenkins-ci.plugins:custom-job-icon
(Maven)
May 24, 2022
XSS vulnerability in Jenkins useMango Runner Plugin
Moderate
CVE-2020-2176
was published
for
it.infuse.jenkins:usemango-runner
(Maven)
May 24, 2022
Complete lack of CSRF protection in Jenkins Selenium Plugin can lead to OS command injection
High
CVE-2020-2196
was published
for
org.jenkins-ci.plugins:selenium
(Maven)
May 24, 2022
XXE vulnerability in Jenkins Valgrind Plugin
High
CVE-2020-2245
was published
for
org.jenkins-ci.plugins:valgrind
(Maven)
May 24, 2022
Stored XSS vulnerability in Jenkins ECharts API Plugin
Moderate
CVE-2020-2193
was published
for
io.jenkins.plugins:echarts-api
(Maven)
May 24, 2022
Stored XSS vulnerability in Jenkins ECharts API Plugin
Moderate
CVE-2020-2194
was published
for
io.jenkins.plugins:echarts-api
(Maven)
May 24, 2022
Stored XSS vulnerability in Jenkins Cadence vManager Plugin
High
CVE-2020-2243
was published
for
org.jenkins-ci.plugins:vmanager-plugin
(Maven)
May 24, 2022
Reflected XSS vulnerability in Jenkins JSGames Plugin
High
CVE-2020-2248
was published
for
org.jenkins-ci.plugins:jsgames
(Maven)
May 24, 2022
Reflected XSS vulnerability in Jenkins AWSEB Deployment Plugin
Moderate
CVE-2020-2174
was published
for
br.com.ingenieux.jenkins.plugins:awseb-deployment-plugin
(Maven)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API