Vulnerability Database
Blog
About
Vulnerability Library
search
All ecosystems
42248
Alpine
3088
Android
505
crates.io
1023
Debian
8998
GitHub Actions
6
Go
1155
Hex
21
Linux
12996
Maven
3171
npm
2800
NuGet
254
OSS-Fuzz
2639
Packagist
1295
Pub
3
PyPI
3713
RubyGems
581
ID
Packages
Summary
Affected versions
Last modified
Fix
GHSA-q5f8-fxrx-pw6f
Maven/org.jenkins-ci.main:jenkins-core
Jenkins subject to Cross-site Scripting
1.396
1.397
1.398
1.399
1.400
1.401
1.403
...
2023-02-04T00:45:18.316258Z
Fix available
GHSA-939x-6mwj-96r2
Maven/org.jenkins-ci.plugins:azure-ad
Insufficient Session Expiration in Jenkins Azure AD Plugin
0.1.1
0.1.1-1
0.2.0
0.3.0
0.3.1
0.3.2
0.3.3
...
2023-02-04T00:43:09.288953Z
No fix available
GHSA-fqp6-fw9g-xpxp
Maven/org.jeecgframework.boot:jeecg-boot-base
Insecure Permissions issue in jeecg-boot
See details.
2023-02-04T00:30:27Z
No fix available
GHSA-rwhw-6c6r-2823
Maven/org.jeecgframework.boot:jeecg-boot-base
Insecure Permissions issue in jeecg-boot
See details.
2023-02-04T00:30:25Z
No fix available
GHSA-4f48-qpch-4ppx
Maven/org.jeecgframework.boot:jeecg-boot-base
Insecure Permissions issue in jeecg-boot
See details.
2023-02-04T00:30:23Z
No fix available
GHSA-66cr-6whx-732p
Maven/org.jenkins-ci.main:jenkins-core
Jenkins improperly ensures trust separation
1.396
1.397
1.398
1.399
1.400
1.401
1.403
...
2023-02-03T23:38:06.674258Z
Fix available
GHSA-96jv-c7m6-q43g
Maven/org.jenkins-ci.plugins:openid
Cross-site request forgery vulnerability in Jenkins OpenID Plugin
1.0
1.1
1.2
1.3
1.4
1.5
1.6
...
2023-02-03T20:51:40.193489Z
No fix available
GHSA-5xpc-c4xv-7w62
Maven/org.jvnet.hudson.plugins:pwauth
Path traversal vulnerability in Jenkins PWauth Security Realm Plugin
0.4
2023-02-03T20:51:27.205286Z
No fix available
GHSA-vxmh-p52j-h33m
Maven/org.jenkins-ci.plugins:oic-auth
Session fixation vulnerability in Jenkins OpenId Connect Authentication Plugin
1.0
1.1
1.2
1.3
1.4
1.5
1.6
...
2023-02-03T20:51:18.170304Z
Fix available
GHSA-wj79-9fxj-j86p
Maven/org.jenkins-ci.plugins:rabbitmq-consumer
Cross-site request forgery vulnerability in Jenkins RabbitMQ Consumer Plugin
1.0
1.1
1.2
1.3
1.4
1.5
1.6
...
2023-02-03T20:51:17.891777Z
No fix available
GHSA-95jq-24cr-pgrq
Maven/com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger
Cross-site request forgery in Jenkins Gerrit Trigger Plugin
2.0
2.1.0
2.10.0
2.10.1
2.11.0
2.11.0-beta-1
2.11.0-beta-2
...
2023-02-03T20:51:14.420668Z
Fix available
GHSA-4x65-4fjx-r7m6
Maven/org.jenkins-ci.plugins:github-pr-coverage-status
Plaintext storage of Access Token in Jenkins GitHub Pull Request Coverage Status Plugin
1.0.8
1.0.9
1.1.0
1.1.1
1.10.0
1.2.0
1.3.0
...
2023-02-03T20:51:01.323797Z
No fix available
GHSA-v646-rx6w-r3qq
Maven/org.apache.tomcat:tomcat-catalina
Maven/org.apache.tomcat:tomcat-catalina
Improper Access Control in Apache Tomcat
7.0.0
7.0.11
7.0.12
7.0.14
7.0.16
7.0.19
7.0.2
...
2023-02-03T20:50:52.368264Z
Fix available
GHSA-gmhf-37fx-c4q8
Maven/io.jenkins.plugins:macstadium-orka
Missing permission checks in Jenkins Orka Plugin allow capturing credentials
1.0
1.1
1.10
1.12
1.13
1.14
1.15
...
2023-02-03T20:50:51.238250Z
Fix available
GHSA-2jpx-h8j2-g8m4
Maven/com.cloudbees.jenkins.plugins:kubernetes-credentials-provider
Exposure of system-scoped Kubernetes credentials in Jenkins Kubernetes Credentials Provider Plugin
0.10
0.11
0.12
0.12.1
0.13
0.14
0.15
...
2023-02-03T20:50:50.381697Z
Fix available
GHSA-87rh-wc85-xqvc
Maven/io.jenkins.plugins:macstadium-orka
Missing permission checks in Jenkins Orka Plugin allow enumerating credentials IDs
1.0
1.1
1.10
1.12
1.13
1.14
1.15
...
2023-02-03T20:50:49.893638Z
Fix available
Load more...
Maven - OSV