Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,198
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

185 advisories

Loading
Agent-to-controller security bypass in Jenkins HashiCorp Vault Plugin Low
CVE-2022-25186 was published for com.datapipe.jenkins.plugins:hashicorp-vault-plugin (Maven) Feb 16, 2022
NotMyFault
Agent-to-controller security bypass in Jenkins HashiCorp Vault Plugin allows reading arbitrary files Moderate
CVE-2022-25197 was published for com.datapipe.jenkins.plugins:hashicorp-vault-plugin (Maven) Feb 16, 2022
NotMyFault
A Protection Mechanism Failure vulnerability in the REST API of Juniper Networks Contrail Service... Moderate Unreviewed
CVE-2022-22152 was published Jan 20, 2022
Agent-to-controller security bypass in Jenkins Debian Package Builder Plugin High
CVE-2022-23118 was published for ru.yandex.jenkins.plugins.debuilder:debian-package-builder (Maven) Jan 13, 2022
westonsteimel
Dell Networking OS10, versions 10.4.3.x, 10.5.0.x, 10.5.1.x & 10.5.2.x, contain an uncontrolled... Moderate Unreviewed
CVE-2021-36310 was published Nov 21, 2021
A user without PR can reset user authentication failures information Low
CVE-2021-32729 was published for org.xwiki.platform:xwiki-platform-security-authentication-script (Maven) Jul 2, 2021
Context isolation bypass in Electron Low
CVE-2020-15215 was published for electron (npm) Oct 6, 2020
nornagon MarshallOfSound
Unpreventable top-level navigation High
CVE-2020-15174 was published for electron (npm) Oct 6, 2020
masatokinugawa
Denial of Service in http-proxy High
GHSA-6x33-pw7p-hmpq was published for http-proxy (npm) Sep 4, 2020
chalbersma
Jinja2 sandbox escape via string formatting High
CVE-2019-10906 was published for Jinja2 (pip) Apr 10, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database