GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
1,043 advisories
containerd v1.2.x can be coerced into leaking credentials during image pull
Moderate
CVE-2020-15157
was published
for
github.com/containerd/containerd
(Go)
Feb 11, 2022
Jenkins Support Core Plugin stores sensitive data in plain text
Moderate
CVE-2022-25187
was published
for
org.jenkins-ci.plugins:support-core
(Maven)
Feb 16, 2022
Password parameter default values exposed by Jenkins Pipeline: Build Step Plugin
Moderate
CVE-2022-25184
was published
for
org.jenkins-ci.plugins:pipeline-build-step
(Maven)
Feb 16, 2022
Personal tokens stored in plain text by Jenkins incapptic connect uploader Plugin
Moderate
CVE-2022-27218
was published
for
com.incapptic.plugins:incapptic-connect-uploader
(Maven)
Mar 16, 2022
Passwords stored in plain text by Jenkins Vmware vRealize CodeStream Plugin
Moderate
CVE-2022-27217
was published
for
com.vmware.vcac:vmware-vrealize-codestream
(Maven)
Mar 16, 2022
Client Secret stored in plain text by Jenkins GitLab Authentication Plugin
Low
CVE-2022-27206
was published
for
org.jenkins-ci.plugins:gitlab-oauth
(Maven)
Mar 16, 2022
Passwords stored in plain text by Jenkins dbCharts Plugin
Moderate
CVE-2022-27216
was published
for
org.jenkins-ci.plugins:dbCharts
(Maven)
Mar 16, 2022
Plaintext storage in Jenkins instant-messaging Plugin
Moderate
CVE-2022-28135
was published
for
org.jvnet.hudson.plugins:instant-messaging
(Maven)
Mar 30, 2022
ProTip!
Advisories are also available from the
GraphQL API