Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

66 advisories

Loading
Elasticsearch Incorrect Authorization vulnerability Moderate
CVE-2024-12539 was published for org.elasticsearch:elasticsearch (Maven) Dec 17, 2024
Jenkins item creation restriction bypass vulnerability Moderate
CVE-2024-47804 was published for org.jenkins-ci.main:jenkins-core (Maven) Oct 2, 2024
Missing permission check in Jenkins Dimensions Plugin allows enumerating credentials IDs Moderate
CVE-2023-32261 was published for org.jenkins-ci.plugins:dimensionsscm (Maven) Jul 19, 2023
OpenNMS privilege escalation vulnerability Moderate
CVE-2023-40315 was published for org.opennms:opennms-webapp-rest (Maven) Aug 17, 2023
Apache Pulsar: Improper Authorization For Namespace and Topic Management Endpoints Moderate
CVE-2024-29834 was published for org.apache.pulsar:pulsar-broker (Maven) Apr 2, 2024
oscerd
Apache Pulsar: Improper Authorization For Topic-Level Policy Management Moderate
CVE-2024-28098 was published for org.apache.pulsar:pulsar-broker (Maven) Mar 12, 2024
oscerd
Elasticsearch Incorrect Authorization vulnerability Moderate
CVE-2024-23451 was published for org.elasticsearch:elasticsearch (Maven) Mar 27, 2024
Jenkins Promoted Builds Plugin allowed unauthorized users to run some promotion processes Moderate
CVE-2018-1000114 was published for org.jenkins-ci.plugins:promoted-builds (Maven) May 13, 2022
Improper authorization vulnerability in Jenkins Mesos Plugin Moderate
CVE-2018-1000420 was published for org.jenkins-ci.plugins:mesos (Maven) May 13, 2022
Incorrect permission checks in Jenkins Support Core Plugin Moderate
CVE-2022-45383 was published for org.jenkins-ci.plugins:support-core (Maven) Nov 16, 2022
NotMyFault
Missing Authorization in Jenkins Azure Credentials Plugin Moderate
CVE-2023-25768 was published for org.jenkins-ci.plugins:azure-credentials (Maven) Feb 15, 2023
Memory usage graphs accessible to anyone with Overall/Read Moderate
CVE-2020-2104 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Incorrect Authorization in Jenkins Moderate
CVE-2018-1999003 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
Incorrect Authorization in Jenkins Moderate
CVE-2018-1999004 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
Incorrect permission check in XebiaLabs XL Deploy Plugin allows capturing credentials Moderate
CVE-2021-21664 was published for com.xebialabs.deployit.ci:deployit-plugin (Maven) May 24, 2022
NotMyFault
Jenkins Google Play Android Publisher Plugin allows attacker to obtain credential IDs Moderate
CVE-2018-1000109 was published for org.jenkins-ci.plugins:google-play-android-publisher (Maven) May 13, 2022
Incorrect permission checks in Jenkins Role-based Authorization Strategy Plugin may allow accessing some items Moderate
CVE-2021-21624 was published for org.jenkins-ci.plugins:role-strategy (Maven) May 24, 2022
NotMyFault
Incorrect Authorization in Jenkins Mercurial Plugin Moderate
CVE-2018-1000112 was published for org.jenkins-ci.plugins:mercurial (Maven) May 13, 2022
Incorrect Authorization in Jenkins Gerrit Trigger Plugin Moderate
CVE-2018-1000106 was published for com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger (Maven) May 13, 2022
Incorrect Authorization in Jenkins Gerrit Trigger Plugin Moderate
CVE-2018-1000105 was published for com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger (Maven) May 13, 2022
Jenkins Jira Plugin Incorrect Authorization vulnerability Moderate
CVE-2018-1000412 was published for org.jenkins-ci.plugins:jira (Maven) May 13, 2022
Incorrect permission checks in Jenkins Matrix Authorization Strategy Plugin may allow accessing some items Moderate
CVE-2021-21623 was published for org.jenkins-ci.plugins:matrix-auth (Maven) May 24, 2022
NotMyFault
Missing permission check for paths with specific prefix in Jenkins Moderate
CVE-2021-21609 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Missing permission checks in Mac Plugin Moderate
CVE-2020-2148 was published for fr.edf.jenkins.plugins:mac (Maven) May 24, 2022
NotMyFault
Improper permission checks allow canceling queue items and aborting builds in Jenkins Moderate
CVE-2021-21670 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API