Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

36 advisories

Loading
Cleartext Storage of Sensitive Information in Jenkins ElasticBox CI Plugin Low
CVE-2019-10450 was published for com.elasticbox.jenkins-ci.plugins:elasticbox (Maven) May 24, 2022
Parse Server stores password in plain text Low
CVE-2020-26288 was published for parse-server (npm) Dec 28, 2020
fastrde depsir
Katello cleartext password storage issue Low
CVE-2019-14825 was published for katello (RubyGems) May 24, 2022
Jenkins WSO2 Oauth Plugin does not mask the WSO2 Oauth client secret on the global configuration form Low
CVE-2023-30528 was published for org.jenkins-ci.plugins:wso2id-oauth (Maven) Apr 12, 2023
Jenkins WSO2 Oauth Plugin stores WSO2 Oauth client secret unencrypted in global config.xml file on Jenkins controller Low
CVE-2023-30527 was published for org.jenkins-ci.plugins:wso2id-oauth (Maven) Apr 12, 2023
Passwords stored in plain text by Jenkins Artifactory Plugin Low
CVE-2020-2164 was published for org.jenkins-ci.plugins:artifactory (Maven) May 24, 2022
NotMyFault
Jenkins Zephyr for JIRA Test Management Plugin stores credentials in plain text Low
CVE-2020-2154 was published for org.jenkins-ci.plugins:zephyr-for-jira-test-management (Maven) May 24, 2022
NotMyFault
Jenkins lambdatest-automation Plugin may expose Credentials access token Low
CVE-2023-46653 was published for org.jenkins-ci.plugins:lambdatest-automation (Maven) Oct 25, 2023
DingTalk Plugin stores credentials in plain text Low
CVE-2019-10433 was published for io.jenkins.plugins:dingding-notifications (Maven) May 24, 2022
ProTip! Advisories are also available from the GraphQL API