GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,800
Erlang
36
GitHub Actions
29
Go
2,380
Maven
5,000+
npm
4,005
NuGet
720
pip
3,805
Pub
12
RubyGems
927
Rust
986
Swift
38
Unreviewed advisories
All unreviewed
5,000+
23,120 advisories
Filter by severity
Jenkins Applitools Eyes Plugin vulnerability exposes unencrypted keys to certain authenticated users
Moderate
CVE-2025-53742
was published
for
org.jenkins-ci.plugins:pplitools-eyes
(Maven)
Jul 9, 2025
Jenkins Applitools Eyes Plugin vulnerability does not mask API keys on its job configuration form
Moderate
CVE-2025-53743
was published
for
org.jenkins-ci.plugins:applitools-eyes
(Maven)
Jul 9, 2025
Jenkins ReadyAPI Functional Testing Plugin vulnerability exposes secrets
Moderate
CVE-2025-53657
was published
for
org.jenkins-ci.plugins:soapui-pro-functional-testing
(Maven)
Jul 9, 2025
Jenkins IFTTT Build Notifier Plugin vulnerability exposes IFTTT Maker Channel Keys
Moderate
CVE-2025-53662
was published
for
org.jenkins-ci.plugins:ifttt-build-notifier
(Maven)
Jul 9, 2025
Jenkins Statistics Gatherer Plugin does not mask AWS Secret Key
Moderate
CVE-2025-53655
was published
for
org.jenkins.plugins.statistics.gatherer:statistics-gatherer
(Maven)
Jul 9, 2025
Jenkins Applitools Eyes Plugin vulnerable to XSS through its Build page
High
CVE-2025-53658
was published
for
org.jenkins-ci.plugins:applitools-eyes
(Maven)
Jul 9, 2025
Jenkins QMetry Test Management Plugin stores unencrypted API keys
Moderate
CVE-2025-53659
was published
for
org.jenkins-ci.plugins:qmetry-test-management
(Maven)
Jul 9, 2025
Jenkins QMetry Test Management Plugin vulnerability exposes API keys
Moderate
CVE-2025-53660
was published
for
org.jenkins-ci.plugins:qmetry-test-management
(Maven)
Jul 9, 2025
Jenkins ReadyAPI Functional Testing Plugin vulnerability stores unencrypted authentication credentials
Moderate
CVE-2025-53656
was published
for
org.jenkins-ci.plugins:soapui-pro-functional-testing
(Maven)
Jul 9, 2025
Jenkins Apica Loadtest Plugin vulnerability exposes authentication tokens
Moderate
CVE-2025-53665
was published
for
com.apica:ApicaLoadtest
(Maven)
Jul 9, 2025
Jenkins IBM Cloud DevOps Plugin vulnerability exposes SonarQube authentication tokens
Moderate
CVE-2025-53663
was published
for
com.ibm.devops:ibm-cloud-devops
(Maven)
Jul 9, 2025
Jenkins Dead Man's Snitch Plugin vulnerability stores tokens in plain text
Moderate
CVE-2025-53666
was published
for
org.jenkins-ci.plugins:deadmanssnitch
(Maven)
Jul 9, 2025
Jenkins Nouvola DiveCloud Plugin vulnerability stores unencrypted credentials
Moderate
CVE-2025-53670
was published
for
org.jenkins-ci.plugins:nouvola-divecloud
(Maven)
Jul 9, 2025
Jenkins Apica Loadtest Plugin vulnerability exposes authentication tokens
Moderate
CVE-2025-53664
was published
for
com.apica:ApicaLoadtest
(Maven)
Jul 9, 2025
Jenkins Testsigma Test Plan vulnerability exposes API keys via job configuration form
Low
CVE-2025-53661
was published
for
io.jenkins.plugins:testsigma
(Maven)
Jul 9, 2025
Jenkins Dead Man's Snitch Plugin vulnerability does not mask tokens
Moderate
CVE-2025-53667
was published
for
org.jenkins-ci.plugins:deadmanssnitch
(Maven)
Jul 9, 2025
Jenkins VAddy Plugin vulnerability exposes unencrypted keys to certain authenticated users
Moderate
CVE-2025-53668
was published
for
org.jenkins-ci.plugins:vaddy-plugin
(Maven)
Jul 9, 2025
Jenkins Sensedia API Platform Plugin vulnerability exposes unencrypted tokens
Moderate
CVE-2025-53674
was published
for
org.jenkins-ci.plugins:sensedia-api-platform
(Maven)
Jul 9, 2025
Jenkins Kryptowire Plugin vulnerability stores unencrypted Kryptowire API key
Moderate
CVE-2025-53672
was published
for
io.jenkins.plugins:kryptowire
(Maven)
Jul 9, 2025
Jenkins Sensedia API Platform Plugin vulnerability exposes unencrypted tokens in its global configuration file
Moderate
CVE-2025-53673
was published
for
org.jenkins-ci.plugins:sensedia-api-platform
(Maven)
Jul 9, 2025
Jenkins Nouvola DiveCloud Plugin vulnerability does not mask keys on its job configuration form
Moderate
CVE-2025-53671
was published
for
org.jenkins-ci.plugins:nouvola-divecloud
(Maven)
Jul 9, 2025
Jenkins Statistics Gatherer Plugin vulnerability exposes AWS Secret Key
Moderate
CVE-2025-53654
was published
for
org.jenkins.plugins.statistics.gatherer:statistics-gatherer
(Maven)
Jul 9, 2025
Jenkins Git Parameter Plugin vulnerable to code injection due to inexhaustive parameter check
Moderate
CVE-2025-53652
was published
for
org.jenkins-ci.tools:git-parameter
(Maven)
Jul 9, 2025
Jenkins HTML Publisher Plugin vulnerability displays controller file system information in its logs
Moderate
CVE-2025-53651
was published
for
org.jenkins-ci.plugins:htmlpublisher
(Maven)
Jul 9, 2025
Jenkins Aqua Security Scanner Plugin vulnerability exposes scanner tokens
Moderate
CVE-2025-53653
was published
for
org.jenkins-ci.plugins:aqua-security-scanner
(Maven)
Jul 9, 2025
ProTip!
Advisories are also available from the
GraphQL API