Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,041
Maven
5,000+
npm
3,733
NuGet
662
pip
3,414
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+

55 advisories

Loading
Credential stored in plain text by BMC Release Package and Deployment Plugin Low
CVE-2020-2127 was published for RPD:bmc-rpd (Maven) May 24, 2022
NotMyFault
Token stored in plain text by DigitalOcean Plugin Low
CVE-2020-2126 was published for com.dubture.jenkins:digitalocean-plugin (Maven) May 24, 2022
NotMyFault
Jenkins S3 Publisher Plugin transmits credentials in plain text during configuration Low
CVE-2020-2114 was published for org.jenkins-ci.plugins:s3 (Maven) May 24, 2022
NotMyFault
Client secret transmitted in plain text by Azure AD Plugin Low
CVE-2020-2119 was published for org.jenkins-ci.plugins:azure-ad (Maven) May 24, 2022
NotMyFault
Jenkins Weibo Plugin stores credentials unencrypted in its global configuration file Low
CVE-2019-16572 was published for org.jenkins-ci.plugins:weibo (Maven) May 24, 2022
Jenkins elOyente Plugin has Insufficiently Protected Credentials Low
CVE-2019-10424 was published for com.technicolor:elOyente (Maven) May 24, 2022
Jenkins vFabric Application Director Plugin Insufficiently Protected Credentials Low
CVE-2019-10419 was published for org.jenkins-ci.plugins:application-director-plugin (Maven) May 24, 2022
Jenkins Assembla Plugin has Insufficiently Protected Credentials Low
CVE-2019-10420 was published for org.jenkins-ci.plugins:assembla (Maven) May 24, 2022
Jenkins CodeScan Plugin has Insufficiently Protected Credentials Low
CVE-2019-10423 was published for com.villagechief.codescan.jenkins:codescan (Maven) May 24, 2022
Jenkins Beaker Builder Plugin has Insufficiently Protected Credentials Low
CVE-2019-10398 was published for org.jenkins-ci.plugins:beaker-builder (Maven) May 24, 2022
Jenkins TestLink Plugin stores credentials in plain text Low
CVE-2019-10378 was published for org.jenkins-ci.plugins:testlink (Maven) May 24, 2022
Jenkins Maven Release Plug-in Plugin stored credentials in plain text Low
CVE-2019-10361 was published for org.jenkins-ci.plugins.m2release:m2release (Maven) May 24, 2022
Jenkins Azure AD Plugin stored the client secret unencrypted Low
CVE-2019-10318 was published for org.jenkins-ci.plugins:azure-ad (Maven) May 24, 2022
Jenkins Twitter Plugin stores credentials in plain text Low
CVE-2019-10313 was published for org.jenkins-ci.plugins:twitter (Maven) May 24, 2022
Jenkins Aqua MicroScanner Plugin stored credentials in plain text Low
CVE-2019-10316 was published for org.jenkins-ci.plugins:aqua-microscanner (Maven) May 24, 2022
Jenkins Azure PublisherSettings Credentials Plugin stored credentials in plain text Low
CVE-2019-10303 was published for org.jenkins-ci.plugins:azure-publishersettings-credentials (Maven) May 24, 2022
Jenkins z/OS Connector Plugin allows local attacker to retrieve configured password Low
CVE-2018-1000608 was published for org.jenkins-ci.plugins:zos-connector (Maven) May 13, 2022
Jenkins Coverity Plugin has Insufficiently Protected Credentials Low
CVE-2018-1000104 was published for org.jenkins-ci.plugins:coverity (Maven) May 13, 2022
Jenkins Repository Connector Plugin has insufficiently protected credentials Low
CVE-2019-1003038 was published for org.jenkins-ci.plugins:repository-connector (Maven) May 13, 2022
Jenkins youtrack-plugin Plugin stored credentials in plain text Low
CVE-2019-10287 was published for org.jenkins-ci.plugins:youtrack-plugin (Maven) May 13, 2022
Jenkins Jabber Server Plugin stores credentials in plain text Low
CVE-2019-10288 was published for de.e-nexus:jabber-server-plugin (Maven) May 13, 2022
Jenkins Minio Storage Plugin stores credentials in plain text Low
CVE-2019-10285 was published for org.jenkins-ci.plugins:minio-storage (Maven) May 13, 2022
Jenkins Netsparker Enterprise Scan Plugin stored credentials in plain text Low
CVE-2019-10291 was published for org.jenkins-ci.plugins:netsparker-cloud-scan (Maven) May 13, 2022
Jenkins Sametime Plugin stores credentials in plain text Low
CVE-2019-10297 was published for org.jenkins-ci.plugins:sametime (Maven) May 13, 2022
Jenkins Koji Plugin stores credentials in plain text Low
CVE-2019-10298 was published for org.jenkins-ci.plugins:koji (Maven) May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database