GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
640 advisories
Passwords stored in plain text by Jenkins Artifactory Plugin
Low
CVE-2020-2164
was published
for
org.jenkins-ci.plugins:artifactory
(Maven)
May 24, 2022
Jenkins Zephyr for JIRA Test Management Plugin stores credentials in plain text
Low
CVE-2020-2154
was published
for
org.jenkins-ci.plugins:zephyr-for-jira-test-management
(Maven)
May 24, 2022
Passwords stored in plain text by ElasTest Plugin
Moderate
CVE-2020-2274
was published
for
org.jenkins-ci.plugins:elastest
(Maven)
May 24, 2022
Weave GitOps Terraform Controller Information Disclosure Vulnerability
High
CVE-2023-34236
was published
for
github.com/weaveworks/tf-controller
(Go)
Jul 14, 2023
Data written to GitHub Actions Cache may expose secrets
High
CVE-2023-30853
was published
for
gradle/gradle-build-action
(GitHub Actions)
May 1, 2023
Strapi leaking sensitive user information by filtering on private fields
High
CVE-2023-22894
was published
for
@strapi/strapi
(npm)
Apr 19, 2023
ProTip!
Advisories are also available from the
GraphQL API