Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,362
Erlang
33
GitHub Actions
22
Go
2,135
Maven
5,000+
npm
3,797
NuGet
687
pip
3,474
Pub
12
RubyGems
896
Rust
897
Swift
38
Unreviewed advisories
All unreviewed
5,000+

21,354 advisories

Loading
Cabot Cross Site Scripting (XSS) vulnerability via Endpoint column Low
CVE-2020-7734 was published for cabot (pip) May 24, 2022
DotPlant2 Improper Restriction of XML External Entity Reference High
CVE-2020-25750 was published for devgroup/dotplant (Composer) May 24, 2022
Arbitrary file write vulnerability in Jenkins Storable Configs Plugin Moderate
CVE-2020-2278 was published for org.jvnet.hudson.plugins:storable-configs-plugin (Maven) May 24, 2022
NotMyFault
Passwords stored in plain text by ElasTest Plugin Moderate
CVE-2020-2274 was published for org.jenkins-ci.plugins:elastest (Maven) May 24, 2022
NotMyFault
Arbitrary file read vulnerability in Jenkins Storable Configs Plugin Moderate
CVE-2020-2277 was published for org.jvnet.hudson.plugins:storable-configs-plugin (Maven) May 24, 2022
NotMyFault
Missing permission checks in Jenkins ElasTest Plugin Moderate
CVE-2020-2272 was published for org.jenkins-ci.plugins:elastest (Maven) May 24, 2022
NotMyFault
CSRF vulnerability in Jenkins ElasTest Plugin Moderate
CVE-2020-2273 was published for org.jenkins-ci.plugins:elastest (Maven) May 24, 2022
NotMyFault
Arbitrary file read vulnerability in Copy data to workspace Jenkins Plugin Moderate
CVE-2020-2275 was published for org.jvnet.hudson.plugins:copy-data-to-workspace-plugin (Maven) May 24, 2022
NotMyFault
System command execution vulnerability in Selection tasks Jenkins Plugin High
CVE-2020-2276 was published for org.jvnet.hudson.plugins:selection-tasks-plugin (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Locked Files Report Plugin High
CVE-2020-2271 was published for org.jvnet.hudson.plugins:locked-files-report (Maven) May 24, 2022
NotMyFault
Missing permission checks in MongoDB Plugin Moderate
CVE-2020-2267 was published for org.jenkins-ci.plugins:mongodb (Maven) May 24, 2022
NotMyFault
OS command execution vulnerability in Perfecto Plugin High
CVE-2020-2261 was published for io.jenkins.plugins:perfecto (Maven) May 24, 2022
NotMyFault
Missing permission check in Perfecto Plugin Moderate
CVE-2020-2260 was published for io.jenkins.plugins:perfecto (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in ClearCase Release Plugin High
CVE-2020-2270 was published for org.jvnet.hudson.plugins:clearcase-release (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Coverage/Complexity Scatter Plot Plugin High
CVE-2020-2265 was published for org.jenkins-ci.plugins:covcomplplot (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Custom Job Icon Plugin High
CVE-2020-2264 was published for org.jenkins-ci.plugins:custom-job-icon (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in chosen-views-tabbar Plugin High
CVE-2020-2269 was published for org.jenkins-ci.plugins:chosen-views-tabbar (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Description Column Plugin High
CVE-2020-2266 was published for org.jenkins-ci.plugins:description-column-plugin (Maven) May 24, 2022
NotMyFault
CSRF vulnerability in MongoDB Plugin Moderate
CVE-2020-2268 was published for org.jenkins-ci.plugins:mongodb (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Validating String Parameter Plugin High
CVE-2020-2257 was published for org.jenkins-ci.plugins:validating-string-parameter (Maven) May 24, 2022
NotMyFault
Incorrect permission check in Health Advisor by CloudBees Plugin Moderate
CVE-2020-2258 was published for org.jenkins-ci.plugins:cloudbees-jenkins-advisor (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in computer-queue-plugin Plugin High
CVE-2020-2259 was published for jenkins.ci.plugins.computerqueue:computer-queue-plugin (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in android-lint Plugin High
CVE-2020-2262 was published for org.jvnet.hudson.plugins:android-lint (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Radiator View Plugin High
CVE-2020-2263 was published for org.jenkins-ci.plugins:radiatorviewplugin (Maven) May 24, 2022
NotMyFault
Missing permission check in Blue Ocean Plugin Moderate
CVE-2020-2255 was published for io.jenkins.blueocean:blueocean (Maven) May 24, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database