Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

111 advisories

Loading
Password parameter default values exposed by Jenkins Pipeline: Build Step Plugin Moderate
CVE-2022-25184 was published for org.jenkins-ci.plugins:pipeline-build-step (Maven) Feb 16, 2022
NotMyFault
Jenkins Support Core Plugin stores sensitive data in plain text Moderate
CVE-2022-25187 was published for org.jenkins-ci.plugins:support-core (Maven) Feb 16, 2022
westonsteimel
containers/image library Insufficiently Protects Credentials Moderate
CVE-2019-10214 was published for github.com/containers/image (Go) Feb 15, 2022
containerd v1.2.x can be coerced into leaking credentials during image pull Moderate
CVE-2020-15157 was published for github.com/containerd/containerd (Go) Feb 11, 2022
bgeesaman joshlarsen
IanColdwater mauilion raesene
Insufficiently Protected Credentials in Reactor Netty Moderate
CVE-2020-5404 was published for io.projectreactor.netty:reactor-netty-http (Maven) Feb 10, 2022
Insufficiently Protected Credentials in Apache Superset Moderate
CVE-2021-44451 was published for apache-superset (pip) Feb 2, 2022
Access key stored in plain text by Jenkins Metrics Plugin Moderate
CVE-2022-20621 was published for org.jenkins-ci.plugins:metrics (Maven) Jan 13, 2022
westonsteimel
Improper credentials masking in Jenkins HashiCorp Vault Plugin Moderate
CVE-2022-23109 was published for com.datapipe.jenkins.plugins:hashicorp-vault-plugin (Maven) Jan 13, 2022
NotMyFault
Scrapy HTTP authentication credentials potentially leaked to target websites Moderate
CVE-2021-41125 was published for Scrapy (pip) Oct 6, 2021
Insufficiently Protected Credentials in Elasticsearch Moderate
CVE-2021-22132 was published for org.elasticsearch:elasticsearch (Maven) Mar 18, 2021
Django allows unprivileged users to read the password hashes of arbitrary accounts Moderate
CVE-2018-16984 was published for django (pip) Oct 3, 2018
sunSUNQ
ProTip! Advisories are also available from the GraphQL API