Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

63 advisories

Loading
Storing Password in Local Storage Moderate
GHSA-wvh7-5p38-2qfc was published for parse (npm) Jul 23, 2020
dplewis pocketcolin
Plaintext Storage of a Password in Jenkins Eagle Tester Plugin Moderate
CVE-2020-2129 was published for com.mobileenerlytics.eagle.tester:eagle-tester (Maven) May 24, 2022
Fortify Plugin stored credentials in plain text Moderate
CVE-2020-2107 was published for org.jenkins-ci.plugins:fortify (Maven) May 24, 2022
NotMyFault
Dell EMC Avamar Server version 19.4 contains a plain-text password storage vulnerability in... Moderate Unreviewed
CVE-2021-36317 was published Dec 22, 2021
Password stored in plain text by Applatix Plugin Moderate
CVE-2020-2133 was published for com.applatix.jenkins:applatix (Maven) May 24, 2022
NotMyFault
Plaintext storage of tokens in pulp_ansible Moderate
CVE-2022-3644 was published for pulp-ansible (pip) Oct 25, 2022
Passwords stored in plain text by Mail Commander Plugin for Jenkins-ci Plugin Moderate
CVE-2020-2318 was published for org.jenkins-ci.plugins:mailcommander (Maven) May 24, 2022
NotMyFault
Passwords stored in plain text by Jenkins view-cloner Plugin Moderate
CVE-2023-24450 was published for org.jenkins-ci.plugins:view-cloner (Maven) Jan 26, 2023
Plaintext storage of Access Token in Jenkins GitHub Pull Request Coverage Status Plugin Moderate
CVE-2023-24442 was published for org.jenkins-ci.plugins:github-pr-coverage-status (Maven) Jan 26, 2023
Plaintext Storage of a Password in Jenkins JIRA Pipeline Steps Plugin Moderate
CVE-2023-24439 was published for org.jenkins-ci.plugins:jira-steps (Maven) Jan 26, 2023
Plaintext Storage of a Password in Jenkins TestQuality Updater Plugin Moderate
CVE-2023-24454 was published for org.jenkins-ci.plugins:testquality-updater (Maven) Jan 26, 2023
Plaintext Storage of a Password in Jenkins Convertigo Mobile Platform Plugin Moderate
CVE-2022-34199 was published for com.convertigo.jenkins.plugins:convertigo-mobile-platform (Maven) Jun 24, 2022
NotMyFault
Jenkins Gem Publisher Plugin stores credentials as plaintext Moderate
CVE-2019-10426 was published for net.arangamani.jenkins:gem-publisher (Maven) May 24, 2022
Personal tokens stored in plain text by Jenkins incapptic connect uploader Plugin Moderate
CVE-2022-27218 was published for com.incapptic.plugins:incapptic-connect-uploader (Maven) Mar 16, 2022
NotMyFault
API keys stored in plain text by Jenkins Katalon Plugin Moderate
CVE-2022-43419 was published for org.jenkins-ci.plugins:katalon (Maven) Oct 19, 2022
NotMyFault tdunlap607
Passwords stored in plain text by Harvest SCM Plugin Moderate
CVE-2020-2130 was published for org.jenkins-ci.plugins:harvest (Maven) May 24, 2022
NotMyFault
Passwords stored in plain text by Harvest SCM Plugin Moderate
CVE-2020-2131 was published for org.jenkins-ci.plugins:harvest (Maven) May 24, 2022
NotMyFault
Password stored in plain text by ECX Copy Data Management Plugin Moderate
CVE-2020-2128 was published for com.catalogic.ecxjenkins:catalogic-ecx (Maven) May 24, 2022
NotMyFault
Password stored in plain text by Dynamic Extended Choice Parameter Plugin Moderate
CVE-2020-2124 was published for com.moded.extendedchoiceparameter:dynamic_extended_choice_parameter (Maven) May 24, 2022
NotMyFault
Credentials stored in plain text by Jenkins White Source Plugin Moderate
CVE-2020-2213 was published for org.jenkins-ci.plugins:whitesource (Maven) May 24, 2022
NotMyFault
Password stored in plain text by Jenkins TestComplete support Plugin Moderate
CVE-2020-2209 was published for org.jenkins-ci.plugins:TestComplete (Maven) May 24, 2022
NotMyFault
Secret stored in plain text by Jenkins GitHub Coverage Reporter Plugin Moderate
CVE-2020-2212 was published for io.jenkins.plugins:github-coverage-reporter (Maven) May 24, 2022
NotMyFault
Secret stored in plain text by Jenkins Slack Upload Plugin Moderate
CVE-2020-2208 was published for org.jenkins-ci.plugins:slack-uploader (Maven) May 24, 2022
NotMyFault
Passwords stored in plain text by Jenkins ReadyAPI Functional Testing Plugin Moderate
CVE-2020-2250 was published for org.jenkins-ci.plugins:soapui-pro-functional-testing (Maven) May 24, 2022
NotMyFault
Password stored in plain text by Jenkins Nomad Plugin Moderate
CVE-2021-21681 was published for org.jenkins-ci.plugins:nomad (Maven) May 24, 2022
NotMyFault tdunlap607
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database