GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,041
Maven
5,000+
npm
3,733
NuGet
662
pip
3,414
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+
59 advisories
Filter by severity
Password stored in plain text by Jenkins Publish Over SSH Plugin
Low
CVE-2022-23114
was published
for
org.jenkins-ci.plugins:publish-over-ssh
(Maven)
Jan 13, 2022
Client Secret stored in plain text by Jenkins GitLab Authentication Plugin
Low
CVE-2022-27206
was published
for
org.jenkins-ci.plugins:gitlab-oauth
(Maven)
Mar 16, 2022
Jenkins Relution Enterprise Appstore Publisher Plugin stores credentials in plain text
Low
CVE-2019-10281
was published
for
org.jenkins-ci.plugins:relution-publisher
(Maven)
May 13, 2022
Jenkins Serena SRA Deploy Plugin stores credentials in plain text
Low
CVE-2019-10296
was published
for
com.urbancode.ds.jenkins.plugins:sra-deploy
(Maven)
May 13, 2022
Jenkins Netsparker Enterprise Scan Plugin stored credentials in plain text
Low
CVE-2019-10291
was published
for
org.jenkins-ci.plugins:netsparker-cloud-scan
(Maven)
May 13, 2022
Jenkins Sametime Plugin stores credentials in plain text
Low
CVE-2019-10297
was published
for
org.jenkins-ci.plugins:sametime
(Maven)
May 13, 2022
Jenkins Koji Plugin stores credentials in plain text
Low
CVE-2019-10298
was published
for
org.jenkins-ci.plugins:koji
(Maven)
May 13, 2022
Jenkins CloudCoreo DeployTime Plugin stores credentials in plain text
Low
CVE-2019-10299
was published
for
com.cloudcoreo.plugins:cloudcoreo-deploytime
(Maven)
May 13, 2022
Jenkins Minio Storage Plugin stores credentials in plain text
Low
CVE-2019-10285
was published
for
org.jenkins-ci.plugins:minio-storage
(Maven)
May 13, 2022
Jenkins youtrack-plugin Plugin stored credentials in plain text
Low
CVE-2019-10287
was published
for
org.jenkins-ci.plugins:youtrack-plugin
(Maven)
May 13, 2022
Jenkins Jabber Server Plugin stores credentials in plain text
Low
CVE-2019-10288
was published
for
de.e-nexus:jabber-server-plugin
(Maven)
May 13, 2022
Jenkins Repository Connector Plugin has insufficiently protected credentials
Low
CVE-2019-1003038
was published
for
org.jenkins-ci.plugins:repository-connector
(Maven)
May 13, 2022
Jenkins Coverity Plugin has Insufficiently Protected Credentials
Low
CVE-2018-1000104
was published
for
org.jenkins-ci.plugins:coverity
(Maven)
May 13, 2022
Jenkins z/OS Connector Plugin allows local attacker to retrieve configured password
Low
CVE-2018-1000608
was published
for
org.jenkins-ci.plugins:zos-connector
(Maven)
May 13, 2022
Cloudtoken Insufficiently Protects Credentials
Low
CVE-2018-13390
was published
for
cloudtoken
(pip)
May 13, 2022
python-keystoneclient vulnerable to context confusion in Keystone auth_token middleware
Low
CVE-2014-0105
was published
for
python-keystoneclient
(pip)
May 17, 2022
Jenkins Azure PublisherSettings Credentials Plugin stored credentials in plain text
Low
CVE-2019-10303
was published
for
org.jenkins-ci.plugins:azure-publishersettings-credentials
(Maven)
May 24, 2022
Jenkins Twitter Plugin stores credentials in plain text
Low
CVE-2019-10313
was published
for
org.jenkins-ci.plugins:twitter
(Maven)
May 24, 2022
Jenkins Aqua MicroScanner Plugin stored credentials in plain text
Low
CVE-2019-10316
was published
for
org.jenkins-ci.plugins:aqua-microscanner
(Maven)
May 24, 2022
Jenkins Azure AD Plugin stored the client secret unencrypted
Low
CVE-2019-10318
was published
for
org.jenkins-ci.plugins:azure-ad
(Maven)
May 24, 2022
Jenkins Maven Release Plug-in Plugin stored credentials in plain text
Low
CVE-2019-10361
was published
for
org.jenkins-ci.plugins.m2release:m2release
(Maven)
May 24, 2022
Jenkins TestLink Plugin stores credentials in plain text
Low
CVE-2019-10378
was published
for
org.jenkins-ci.plugins:testlink
(Maven)
May 24, 2022
Jenkins Beaker Builder Plugin has Insufficiently Protected Credentials
Low
CVE-2019-10398
was published
for
org.jenkins-ci.plugins:beaker-builder
(Maven)
May 24, 2022
Jenkins vFabric Application Director Plugin Insufficiently Protected Credentials
Low
CVE-2019-10419
was published
for
org.jenkins-ci.plugins:application-director-plugin
(Maven)
May 24, 2022
Jenkins Assembla Plugin has Insufficiently Protected Credentials
Low
CVE-2019-10420
was published
for
org.jenkins-ci.plugins:assembla
(Maven)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API