GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
21,129 advisories
Lack of SSL/TLS certificate and hostname validation in Amazon EC2 Plugin
Moderate
CVE-2020-2187
was published
for
org.jenkins-ci.plugins:ec2
(Maven)
May 24, 2022
Users with Overall/Read access can enumerate credentials IDs in Amazon EC2 Plugin
Moderate
CVE-2020-2188
was published
for
org.jenkins-ci.plugins:ec2
(Maven)
May 24, 2022
Improper masking of some secrets in Jenkins Credentials Binding Plugin
Low
CVE-2020-2182
was published
for
org.jenkins-ci.plugins:credentials-binding
(Maven)
May 24, 2022
RCE vulnerability in SCM Filter Jervis Plugin
High
CVE-2020-2189
was published
for
io.jenkins.plugins:scm-filter-jervis
(Maven)
May 24, 2022
CSRF vulnerability in Jenkins CVS Plugin
Moderate
CVE-2020-2184
was published
for
org.jenkins-ci.plugins:cvs
(Maven)
May 24, 2022
CSRF vulnerability in Amazon EC2 Plugin
Low
CVE-2020-2186
was published
for
org.jenkins-ci.plugins:ec2
(Maven)
May 24, 2022
Improper permission checks in Jenkins Copy Artifact Plugin
Moderate
CVE-2020-2183
was published
for
org.jenkins-ci.plugins:copyartifact
(Maven)
May 24, 2022
Secrets are not masked by Jenkins Credentials Binding Plugin in builds without build steps
Moderate
CVE-2020-2181
was published
for
org.jenkins-ci.plugins:credentials-binding
(Maven)
May 24, 2022
Missing SSH host key validation in Jenkins Amazon EC2 Plugin
Moderate
CVE-2020-2185
was published
for
org.jenkins-ci.plugins:ec2
(Maven)
May 24, 2022
chrome-launcher subject to OS Command Injection
Critical
CVE-2020-7645
was published
for
chrome-launcher
(npm)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API