Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

31 advisories

Loading
Jenkins Sofy.AI Plugin stores API token in plain text Moderate
CVE-2019-10447 was published for io.jenkins.plugins:sofy-ai (Maven) May 24, 2022
Jenkins Caliper CI Plugin stores credentials in plain text Moderate
CVE-2019-10351 was published for com.brianfromoregon:caliper-ci (Maven) May 24, 2022
Jenkins Gogs Plugin stored credentials in plain text Moderate
CVE-2019-10348 was published for org.jenkins-ci.plugins:gogs-webhook (Maven) May 24, 2022
Jenkins Port Allocator Plugin stores credentials in plain text Moderate
CVE-2019-10350 was published for org.jenkins-ci.plugins:port-allocator (Maven) May 24, 2022
Jenkins Support Core Plugin stores sensitive data in plain text Moderate
CVE-2022-25187 was published for org.jenkins-ci.plugins:support-core (Maven) Feb 16, 2022
westonsteimel
Unencrypted storage of client side sessions Moderate
CVE-2021-29481 was published for io.ratpack:ratpack-session (Maven) Jul 1, 2021
JLLeitschuh
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database