Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

176 advisories

Loading
Jenkins Git Changelog Plugin has Insufficiently Protected Credentials Moderate
CVE-2019-10414 was published for de.wellnerbou.jenkins:git-changelog (Maven) May 24, 2022
Violation Comments to GitLab Plugin has Insufficiently Protected Credentials Moderate
CVE-2019-10416 was published for org.jenkins-ci.plugins:violation-comments-to-gitlab (Maven) May 24, 2022
Jenkins Data Theorem Mobile Security: CI/CD Plugin has Insufficiently Protected Credentials Moderate
CVE-2019-10413 was published for com.datatheorem.mobileappsecurity.jenkins.plugin:datatheorem-mobile-app-security (Maven) May 24, 2022
Jenkins Beaker Builder Plugin has Insufficiently Protected Credentials Low
CVE-2019-10398 was published for org.jenkins-ci.plugins:beaker-builder (Maven) May 24, 2022
Jenkins Google Cloud Messaging Notification Plugin stores credentials in plain text Moderate
CVE-2019-10379 was published for org.jenkins-ci.plugins:gcm-notification (Maven) May 24, 2022
Jenkins eggplant-plugin Plugin stores credentials in plain text Moderate
CVE-2019-10385 was published for org.jenkins-ci.plugins:eggplant-plugin (Maven) May 24, 2022
Jenkins TestLink Plugin stores credentials in plain text Low
CVE-2019-10378 was published for org.jenkins-ci.plugins:testlink (Maven) May 24, 2022
Skytap Cloud CI Plugin stored credentials in plain text Moderate
CVE-2019-10366 was published for org.jenkins-ci.plugins:skytap (Maven) May 24, 2022
Jenkins Maven Release Plug-in Plugin stored credentials in plain text Low
CVE-2019-10361 was published for org.jenkins-ci.plugins.m2release:m2release (Maven) May 24, 2022
Plaintext Storage of a Password in Jenkins Configuration as Code Plugin Moderate
CVE-2019-10345 was published for io.jenkins:configuration-as-code (Maven) May 24, 2022
Stored credentials unencrypted in Jenkins Mashup Portlets Plugin High
CVE-2019-10347 was published for javagh.jenkins:mashup-portlets-plugin (Maven) May 24, 2022
Jenkins Azure AD Plugin stored the client secret unencrypted Low
CVE-2019-10318 was published for org.jenkins-ci.plugins:azure-ad (Maven) May 24, 2022
Jenkins Twitter Plugin stores credentials in plain text Low
CVE-2019-10313 was published for org.jenkins-ci.plugins:twitter (Maven) May 24, 2022
Jenkins Aqua MicroScanner Plugin stored credentials in plain text Low
CVE-2019-10316 was published for org.jenkins-ci.plugins:aqua-microscanner (Maven) May 24, 2022
Jenkins Azure PublisherSettings Credentials Plugin stored credentials in plain text Low
CVE-2019-10303 was published for org.jenkins-ci.plugins:azure-publishersettings-credentials (Maven) May 24, 2022
Jenkins jira-ext Plugin stores credentials unencrypted High
CVE-2019-10302 was published for org.jenkins-ci.plugins:jira-ext (Maven) May 24, 2022
Insufficiently Protected Credentials in Jenkins Pipeline SCM API for Blue Ocean Plugin Moderate
CVE-2022-30952 was published for io.jenkins.blueocean:blueocean-pipeline-scm-api (Maven) May 18, 2022
NotMyFault
Jenkins AWS CodeDeploy Plugin has Insufficiently Protected Credentials Moderate
CVE-2018-1000402 was published for com.amazonaws:codedeploy (Maven) May 14, 2022
Jenkins Configuration as Code Plugin has Insufficiently Protected Credentials High
CVE-2018-1000610 was published for io.jenkins:configuration-as-code (Maven) May 13, 2022
Jenkins z/OS Connector Plugin allows local attacker to retrieve configured password Low
CVE-2018-1000608 was published for org.jenkins-ci.plugins:zos-connector (Maven) May 13, 2022
AWS CodeDeploy Plugin stored AWS Secret Key in plain text High
CVE-2018-1000403 was published for com.amazonaws:codedeploy (Maven) May 13, 2022
westonsteimel
Jenkins AWS CodePipeline Plugin has Insufficiently Protected Credentials High
CVE-2018-1000401 was published for com.amazonaws:aws-codepipeline (Maven) May 13, 2022
Insufficiently Protected Credentials in Jenkins AWS CodeBuild Plugin High
CVE-2018-1000404 was published for com.amazonaws:aws-codebuild (Maven) May 13, 2022
Jenkins Coverity Plugin has Insufficiently Protected Credentials Low
CVE-2018-1000104 was published for org.jenkins-ci.plugins:coverity (Maven) May 13, 2022
Jenkins Credentials Binding Plugin has Insufficiently Protected Credentials Moderate
CVE-2018-1000057 was published for org.jenkins-ci.plugins:credentials-binding (Maven) May 13, 2022
q5438722
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database