GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
335 advisories
Excessive memory allocation in graph URLs leads to denial of service in Jenkins
Moderate
CVE-2021-21607
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 24, 2022
Stored XSS vulnerability in Jenkins on new item page
Moderate
CVE-2021-21611
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 24, 2022
Reflected XSS vulnerability in Jenkins markup formatter preview
Moderate
CVE-2021-21610
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 24, 2022
XSS vulnerability in Jenkins TICS Plugin
Moderate
CVE-2021-21613
was published
for
io.jenkins.plugins:tics
(Maven)
May 24, 2022
Credentials stored in plain text by Jenkins Bumblebee HP ALM Plugin
Moderate
CVE-2021-21614
was published
for
org.jenkins-ci.plugins:bumblebee
(Maven)
May 24, 2022
Stored XSS vulnerability in Jenkins FitNesse Plugin
Moderate
CVE-2020-2175
was published
for
org.jenkins-ci.plugins:fitnesse
(Maven)
May 24, 2022
Path traversal vulnerability in Blue Ocean Plugin
Moderate
CVE-2020-2254
was published
for
io.jenkins.blueocean:blueocean
(Maven)
May 24, 2022
Missing hostname validation in Email Extension Plugin
Moderate
CVE-2020-2253
was published
for
org.jenkins-ci.plugins:email-ext
(Maven)
May 24, 2022
Missing permission checks in Jenkins Database Plugin
Moderate
CVE-2020-2242
was published
for
org.jenkins-ci.plugins:database
(Maven)
May 24, 2022
Missing permission checks in Jenkins Fortify on Demand Plugin
Moderate
CVE-2020-2204
was published
for
org.jenkins-ci.plugins:fortify-on-demand-uploader
(Maven)
May 24, 2022
Reflected XSS vulnerability in Jenkins VncViewer Plugin
Moderate
CVE-2020-2207
was published
for
org.jenkins-ci.plugins:vncviewer
(Maven)
May 24, 2022
CSRF vulnerability in Jenkins Fortify on Demand Plugin
Moderate
CVE-2020-2203
was published
for
org.jenkins-ci.plugins:fortify-on-demand-uploader
(Maven)
May 24, 2022
Missing SSH host key validation in Jenkins Amazon EC2 Plugin
Moderate
CVE-2020-2185
was published
for
org.jenkins-ci.plugins:ec2
(Maven)
May 24, 2022
Credentials stored in plain text by Jenkins Copr Plugin
Moderate
CVE-2020-2177
was published
for
org.fedoraproject.jenkins.plugins:copr
(Maven)
May 24, 2022
Improper Neutralization of Input During Web Page Generation in Jenkins
Moderate
CVE-2020-2162
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 24, 2022
Missing permission checks in Mac Plugin
Moderate
CVE-2020-2148
was published
for
fr.edf.jenkins.plugins:mac
(Maven)
May 24, 2022
Missing SSH host key validation in Mac Plugin
Moderate
CVE-2020-2146
was published
for
fr.edf.jenkins.plugins:mac
(Maven)
May 24, 2022
Password stored in plain text by Parasoft Environment Manager Plugin
Moderate
CVE-2020-2132
was published
for
com.parasoft:environment-manager
(Maven)
May 24, 2022
CSRF vulnerability in Jenkins P4 Plugin
Moderate
CVE-2020-2141
was published
for
org.jenkins-ci.plugins:p4
(Maven)
May 24, 2022
Arbitrary file write vulnerability in Jenkins Cobertura Plugin
Moderate
CVE-2020-2139
was published
for
org.jenkins-ci.plugins:cobertura
(Maven)
May 24, 2022
XSS vulnerability in Jenkins Audit Trail Plugin
Moderate
CVE-2020-2140
was published
for
org.jenkins-ci.plugins:audit-trail
(Maven)
May 24, 2022
Jenkins Git Parameter Plugin vulnerable to stored cross-site scripting (XSS)
Moderate
CVE-2020-2113
was published
for
org.jenkins-ci.tools:git-parameter
(Maven)
May 24, 2022
Non-constant time HMAC comparison
Moderate
CVE-2020-2102
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 24, 2022
Non-constant time comparison of inbound TCP agent connection secret
Moderate
CVE-2020-2101
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 24, 2022
CSRF vulnerability in Jenkins Database Plugin
Moderate
CVE-2020-2241
was published
for
org.jenkins-ci.plugins:database
(Maven)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API