Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

225 advisories

Loading
Jenkins OWASP ZAP Plugin stores unencrypted credentials Low
CVE-2019-1003060 was published for org.jenkins-ci.plugins:zap (Maven) May 13, 2022
Jenkins Bitbucket Approve Plugin stores credentials in plain text Low
CVE-2019-1003057 was published for org.jenkins-ci.plugins:bitbucket-approve (Maven) May 13, 2022
Jenkins HockeyApp Plugin stores credentials in plain text High
CVE-2019-1003053 was published for org.jenkins-ci.plugins:hockeyapp (Maven) May 13, 2022
Jenkins CloudFormation Plugin stores credentials in plain text Moderate
CVE-2019-1003061 was published for org.jenkins-ci.plugins:jenkins-cloudformation-plugin (Maven) May 13, 2022
Jenkins veracode-scanner Plugin stores credentials in plain text Low
CVE-2019-1003070 was published for org.jenkins-ci.plugins:veracode-scanner (Maven) May 13, 2022
Jenkins Amazon SNS Build Notifier Plugin stores credentials in plain text Low
CVE-2019-1003063 was published for org.jenkins-ci.plugins:snsnotify (Maven) May 13, 2022
Jenkins FTP publisher Plugin stores credentials in plain text Low
CVE-2019-1003055 was published for org.jvnet.hudson.plugins:ftppublisher (Maven) May 13, 2022
Jenkins aws-device-farm Plugin stores credentials in plain text Low
CVE-2019-1003064 was published for org.jenkins-ci.plugins:aws-device-farm (Maven) May 13, 2022
Jenkins Jira Issue Updater Plugin stores credentials in plain text Moderate
CVE-2019-1003054 was published for info.bluefloyd.jenkins:jenkins-jira-issue-updater (Maven) May 13, 2022
Jenkins VMware vRealize Automation Plugin Missing Encryption of Sensitive Data Moderate
CVE-2019-1003068 was published for com.inkysea.vmware.vra:vmware-vrealize-automation-plugin (Maven) May 13, 2022
Jenkins Aqua Security Scanner Plugin stores credentials in plain text Low
CVE-2019-1003069 was published for org.jenkins-ci.plugins:aqua-security-scanner (Maven) May 13, 2022
Jenkins Trac Publisher Plugin stores credentials in plain text Moderate
CVE-2019-1003067 was published for org.jenkins-ci.plugins:trac-publisher-plugin (Maven) May 13, 2022
Jenkins AWS CloudWatch Logs Publisher Plugin stores credentials in plain text Low
CVE-2019-1003062 was published for org.jenkins-ci.plugins:aws-cloudwatch-logs-publisher (Maven) May 13, 2022
Jenkins CloudShare Docker-Machine Plugin stores credentials in plain text Low
CVE-2019-1003065 was published for org.jenkins-ci.plugins:cloudshare-docker (Maven) May 13, 2022
Jenkins Bugzilla Plugin stores credentials in plain text Low
CVE-2019-1003066 was published for org.jvnet.hudson.plugins:bugzilla (Maven) May 13, 2022
Jenkins Upload to pgyer Plugin stores credentials in plain text Moderate
CVE-2019-1003089 was published for ren.helloworld:upload-pgyer (Maven) May 13, 2022
Jenkins hyper.sh Commons Plugin stores credentials in plain text Low
CVE-2019-1003074 was published for sh.hyper.plugins:hyper-commons (Maven) May 13, 2022
Jenkins Audit to Database Plugin stores credentials in plain text Low
CVE-2019-1003075 was published for org.jenkins-ci.plugins:audit2db (Maven) May 13, 2022
Jenkins wildFly Deployer Plugin stores credentials in plain text Moderate
CVE-2019-1003072 was published for org.jenkins-ci.plugins:wildfly-deployer (Maven) May 13, 2022
Jenkins VS Team Services Continuous Deployment Plugin stores credentials in plain text Moderate
CVE-2019-1003073 was published for org.jenkins-ci.plugins:vsts-cd (Maven) May 13, 2022
Jenkins Octopus Deploy Plugin stores credentials in plain text Low
CVE-2019-1003071 was published for hudson.plugins.octopusdeploy:octopusdeploy (Maven) May 13, 2022
Jenkins Perfecto Mobile Plugin stores credentials in plain text Moderate
CVE-2019-1003095 was published for org.jenkins-ci.plugins:perfectomobile (Maven) May 13, 2022
Jenkins Open STF Plugin stores credentials in plain text Moderate
CVE-2019-1003094 was published for org.jenkins-ci.plugins:open-stf (Maven) May 13, 2022
Jenkins Fabric-beta-publisher Plugin stores credentials in plain text Moderate
CVE-2019-1003088 was published for egor-n:fabric-beta-publisher (Maven) May 13, 2022
Jenkins PRQA Plugin stored password in plain text Low
CVE-2019-1003048 was published for com.programmingresearch:prqa-plugin (Maven) May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database