GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
21,742 advisories
Incorrect permission check in XebiaLabs XL Deploy Plugin allows capturing credentials
Moderate
CVE-2021-21664
was published
for
com.xebialabs.deployit.ci:deployit-plugin
(Maven)
May 24, 2022
CSRF vulnerability in Jenkins XebiaLabs XL Deploy Plugin allows capturing credentials
High
CVE-2021-21665
was published
for
com.xebialabs.deployit.ci:deployit-plugin
(Maven)
May 24, 2022
Missing permission check in Jenkins XebiaLabs XL Deploy Plugin allows capturing credentials
Moderate
CVE-2021-21663
was published
for
com.xebialabs.deployit.ci:deployit-plugin
(Maven)
May 24, 2022
Improper Privilege Management in Spring Framework
High
CVE-2021-22118
was published
for
org.springframework:spring-web
(Maven)
May 24, 2022
DNS based denial of service in Apache Wicket
High
CVE-2021-23937
was published
for
org.apache.wicket:wicket-core
(Maven)
May 24, 2022
XSS vulnerability in Jenkins Markdown Formatter Plugin
Moderate
CVE-2021-21660
was published
for
io.jenkins.plugins:markdown-formatter
(Maven)
May 24, 2022
XXE vulnerability in Jenkins Filesystem Trigger Plugin
High
CVE-2021-21657
was published
for
org.jenkins-ci.plugins:fstrigger
(Maven)
May 24, 2022
XXE vulnerability in Jenkins URLTrigger Plugin
High
CVE-2021-21659
was published
for
org.jenkins-ci.plugins:urltrigger
(Maven)
May 24, 2022
XML external entity vulnerability in Jenkins Nuget Plugin
Critical
CVE-2021-21658
was published
for
org.jenkins-ci.plugins:nuget
(Maven)
May 24, 2022
MongoDB C# Driver Risk of Exposing Authentication Data via Command Listener
Moderate
CVE-2021-20331
was published
for
mongodb.driver
(NuGet)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API