GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
41 advisories
Incorrect Authorization in Jenkins Core
High
CVE-2023-27899
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
Mar 10, 2023
Unauthorized view fragment access in Jenkins
High
CVE-2022-34175
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
Jun 24, 2022
Improper authorization due to caching in Jenkins Role-based Authorization Strategy Plugin
High
CVE-2020-2286
was published
for
org.jenkins-ci.plugins:role-strategy
(Maven)
May 24, 2022
Improper authorization of users and groups with the same base name in Jenkins GitLab Authentication Plugin
High
CVE-2020-2228
was published
for
org.jenkins-ci.plugins:gitlab-oauth
(Maven)
May 24, 2022
Sandbox bypass vulnerability in Script Security Plugin
High
CVE-2020-2135
was published
for
org.jenkins-ci.plugins:script-security
(Maven)
May 24, 2022
Sandbox bypass vulnerability in Script Security Plugin
High
CVE-2020-2134
was published
for
org.jenkins-ci.plugins:script-security
(Maven)
May 24, 2022
Cloud Foundry UAA accepts refresh token as access token on admin endpoints
High
CVE-2018-11047
was published
for
org.cloudfoundry.identity:cloudfoundry-identity-server
(Maven)
May 13, 2022
Apache Geode vulnerable to Incorrect Authorization
High
CVE-2017-15695
was published
for
org.apache.geode:geode-core
(Maven)
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API