GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
1,287 advisories
Password parameter default values exposed by Jenkins Pipeline: Build Step Plugin
Moderate
CVE-2022-25184
was published
for
org.jenkins-ci.plugins:pipeline-build-step
(Maven)
Feb 16, 2022
Jenkins Support Core Plugin stores sensitive data in plain text
Moderate
CVE-2022-25187
was published
for
org.jenkins-ci.plugins:support-core
(Maven)
Feb 16, 2022
containerd v1.2.x can be coerced into leaking credentials during image pull
Moderate
CVE-2020-15157
was published
for
github.com/containerd/containerd
(Go)
Feb 11, 2022
Password exposure in ShenYu
High
CVE-2022-23223
was published
for
org.apache.shenyu:shenyu-common
(Maven)
Jan 28, 2022
Access key stored in plain text by Jenkins Metrics Plugin
Moderate
CVE-2022-20621
was published
for
org.jenkins-ci.plugins:metrics
(Maven)
Jan 13, 2022
Improper credentials masking in Jenkins HashiCorp Vault Plugin
Moderate
CVE-2022-23109
was published
for
com.datapipe.jenkins.plugins:hashicorp-vault-plugin
(Maven)
Jan 13, 2022
Password stored in plain text by Jenkins Publish Over SSH Plugin
Low
CVE-2022-23114
was published
for
org.jenkins-ci.plugins:publish-over-ssh
(Maven)
Jan 13, 2022
ProTip!
Advisories are also available from the
GraphQL API