Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,611
NuGet
638
pip
3,209
Pub
10
RubyGems
853
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

253 advisories

Loading
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins Critical
CVE-2021-21686 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault westonsteimel
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins Critical
CVE-2021-21692 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins Critical
CVE-2021-21690 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Path traversal vulnerability in Jenkins Subversion Plugin allows reading arbitrary files Moderate
CVE-2021-21698 was published for org.jenkins-ci.plugins:subversion (Maven) May 24, 2022
NotMyFault
Path traversal vulnerability on Windows in Jenkins Moderate
CVE-2021-21683 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Improper Limitation of a Pathname to a Restricted Directory in Fabric8 Kubernetes Client High
CVE-2021-20218 was published for io.fabric8:kubernetes-client (Maven) May 24, 2022
Path traversal vulnerability in Jenkins agent names High
CVE-2021-21605 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Arbitrary file read vulnerability in Jenkins Persona Plugin Moderate
CVE-2020-2293 was published for org.jenkins-ci.plugins:persona (Maven) May 24, 2022
NotMyFault
Arbitrary file write vulnerability in Jenkins Storable Configs Plugin Moderate
CVE-2020-2278 was published for org.jvnet.hudson.plugins:storable-configs-plugin (Maven) May 24, 2022
NotMyFault
Arbitrary file read vulnerability in Jenkins Storable Configs Plugin Moderate
CVE-2020-2277 was published for org.jvnet.hudson.plugins:storable-configs-plugin (Maven) May 24, 2022
NotMyFault
Arbitrary file read vulnerability in Copy data to workspace Jenkins Plugin Moderate
CVE-2020-2275 was published for org.jvnet.hudson.plugins:copy-data-to-workspace-plugin (Maven) May 24, 2022
NotMyFault
Path traversal vulnerability in Blue Ocean Plugin Moderate
CVE-2020-2254 was published for io.jenkins.blueocean:blueocean (Maven) May 24, 2022
NotMyFault
Arbitrary file write vulnerability in Jenkins Cobertura Plugin Moderate
CVE-2020-2139 was published for org.jenkins-ci.plugins:cobertura (Maven) May 24, 2022
NotMyFault
Jenkins Support Core Plugin allowed users with Overall/Read permission to delete arbitrary files High
CVE-2019-16540 was published for org.jenkins-ci.plugins:support-core (Maven) May 24, 2022
Ignite Realtime Openfire directory traversal vulnerability Moderate
CVE-2019-18393 was published for org.igniterealtime.openfire:parent (Maven) May 24, 2022
Improper Limitation of a Pathname to a Restricted Directory in Jenkins Google OAuth Credentials Plugin Moderate
CVE-2019-10436 was published for org.jenkins-ci.plugins:google-oauth-plugin (Maven) May 24, 2022
Mule modules contain Directory Traversal High
CVE-2019-15630 was published for org.mule.runtime:mule (Maven) May 24, 2022
Arbitrary file read vulnerability in Jenkins File System SCM Plugin Moderate
CVE-2019-10375 was published for hudson.plugins.filesystem_scm:filesystem_scm (Maven) May 24, 2022
Improper Limitation of a Pathname to a Restricted Directory in Jenkins Moderate
CVE-2019-10352 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
sunSUNQ
Apache Karaf vulnerable to relative path traversal Moderate
CVE-2019-0226 was published for org.apache.karaf.config:org.apache.karaf.config.core (Maven) May 24, 2022
Path traversal in Gitblit High
CVE-2022-31268 was published for com.gitblit:gitblit (Maven) May 22, 2022
Path traversal in Jenkins REPO Plugin Low
CVE-2022-30949 was published for org.jenkins-ci.plugins:git (Maven) May 18, 2022
NotMyFault
Path traversal in Jenkins Git Mercurial and Repo Plugins High
CVE-2022-30947 was published for org.jenkins-ci.plugins:git (Maven) May 18, 2022
NotMyFault
Path traversal in Jenkins Mercurial Plugin Low
CVE-2022-30948 was published for org.jenkins-ci.plugins:mercurial (Maven) May 18, 2022
NotMyFault
Apache Struts directory traversal vulnerability Moderate
CVE-2008-6505 was published for org.apache.struts:struts2-core (Maven) May 17, 2022
ProTip! Advisories are also available from the GraphQL API