Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

255 advisories

Loading
Jenkins aws-device-farm Plugin stores credentials in plain text Low
CVE-2019-1003064 was published for org.jenkins-ci.plugins:aws-device-farm (Maven) May 13, 2022
Jenkins veracode-scanner Plugin stores credentials in plain text Low
CVE-2019-1003070 was published for org.jenkins-ci.plugins:veracode-scanner (Maven) May 13, 2022
Jenkins FTP publisher Plugin stores credentials in plain text Low
CVE-2019-1003055 was published for org.jvnet.hudson.plugins:ftppublisher (Maven) May 13, 2022
Jenkins Aqua Security Scanner Plugin stores credentials in plain text Low
CVE-2019-1003069 was published for org.jenkins-ci.plugins:aqua-security-scanner (Maven) May 13, 2022
Jenkins Amazon SNS Build Notifier Plugin stores credentials in plain text Low
CVE-2019-1003063 was published for org.jenkins-ci.plugins:snsnotify (Maven) May 13, 2022
Jenkins Bitbucket Approve Plugin stores credentials in plain text Low
CVE-2019-1003057 was published for org.jenkins-ci.plugins:bitbucket-approve (Maven) May 13, 2022
Jenkins OWASP ZAP Plugin stores unencrypted credentials Low
CVE-2019-1003060 was published for org.jenkins-ci.plugins:zap (Maven) May 13, 2022
Jenkins IRC Plugin stores credentials in plain text Low
CVE-2019-1003051 was published for org.jvnet.hudson.plugins:ircbot (Maven) May 13, 2022
Jenkins AWS Elastic Beanstalk Publisher Plugin stores credentials in plain text Low
CVE-2019-1003052 was published for org.jenkins-ci.plugins:aws-beanstalk-publisher-plugin (Maven) May 13, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins-mailer-plugin Low
CVE-2017-2651 was published for org.jenkins-ci.plugins:mailer (Maven) May 13, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins Low
CVE-2017-2603 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
JBossWS vulnerable to uncontrolled recursion Low
CVE-2011-1483 was published for org.jboss.ws:jbossws-common (Maven) May 13, 2022
Nimbus JOSE+JWT vulnerable to padding oracle attack Low
CVE-2017-12973 was published for com.nimbusds:nimbus-jose-jwt (Maven) May 13, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Oracle MySQL Connectors Java Low
CVE-2017-3589 was published for mysql:mysql-connector-java (Maven) May 13, 2022
Jenkins Coverity Plugin has Insufficiently Protected Credentials Low
CVE-2018-1000104 was published for org.jenkins-ci.plugins:coverity (Maven) May 13, 2022
Jenkins z/OS Connector Plugin allows local attacker to retrieve configured password Low
CVE-2018-1000608 was published for org.jenkins-ci.plugins:zos-connector (Maven) May 13, 2022
Jenkins SSH Agent Plugin exposes SSH private key password to users with permission to read the build log Low
CVE-2018-1999036 was published for org.jenkins-ci.plugins:ssh-agent (Maven) May 13, 2022
Improper Input Validation in Jenkins Low
CVE-2017-1000401 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat Low
CVE-2010-3718 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
oliverchang sunSUNQ
Exposure of Sensitive Information to an Unauthorized Actor in JBoss Fuse Low
CVE-2014-0085 was published for org.jboss.fuse:jboss-fuse (Maven) May 14, 2022
Jenkins Resource Disposer Plugin allows attacker to stop tracking specified resource Low
CVE-2018-1999037 was published for org.jenkins-ci.plugins:resource-disposer (Maven) May 14, 2022
Jenkins meliora-testlab Plugin allows attackers with file system access to Jenkins master to obtain API key Low
CVE-2018-1999031 was published for org.jenkins-ci.plugins:meliora-testlab (Maven) May 14, 2022
Jenkins GitHub Pull Request Builder Plugin Low
CVE-2018-1000143 was published for org.jenkins-ci.plugins:ghprb (Maven) May 14, 2022
Jenkins Reverse Proxy Auth Plugin allows attackers with local file system access to obtain a list of authorities for logged in users Low
CVE-2018-1000150 was published for org.jenkins-ci.plugins:reverse-proxy-auth-plugin (Maven) May 14, 2022
Insecure temporary file usage in Jenkins Git Client Plugin Low
CVE-2017-1000242 was published for org.jenkins-ci.plugins:git-client (Maven) May 17, 2022
ProTip! Advisories are also available from the GraphQL API