GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,049
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
140 advisories
Filter by severity
Storing Password in Local Storage
Moderate
GHSA-wvh7-5p38-2qfc
was published
for
parse
(npm)
Jul 23, 2020
Plaintext Storage of a Password in Jenkins Eagle Tester Plugin
Moderate
CVE-2020-2129
was published
for
com.mobileenerlytics.eagle.tester:eagle-tester
(Maven)
May 24, 2022
Rundeck's Key Storage converter plugin mechanism's encryption layer not working in 4.2.0, 4.2.1, 4.3.0
High
CVE-2022-31044
was published
for
org.rundeck:rundeck
(Maven)
Jun 17, 2022
Jenkins LDAP Email Plugin shows plain text password in configuration form
Low
CVE-2019-10434
was published
for
com.mtvi.plateng.hudson:ldapemail
(Maven)
May 24, 2022
Fortify Plugin stored credentials in plain text
Moderate
CVE-2020-2107
was published
for
org.jenkins-ci.plugins:fortify
(Maven)
May 24, 2022
Dell EMC Avamar Server version 19.4 contains a plain-text password storage vulnerability in...
Moderate
Unreviewed
CVE-2021-36317
was published
Dec 22, 2021
A vulnerability has been identified in LOGO!8 BM (All versions). Unencrypted storage of passwords...
High
Unreviewed
CVE-2019-10921
was published
May 24, 2022
Password stored in plain text by Applatix Plugin
Moderate
CVE-2020-2133
was published
for
com.applatix.jenkins:applatix
(Maven)
May 24, 2022
Plaintext Storage in Jenkins Spira Importer Plugin
Low
CVE-2019-16543
was published
for
com.inflectra.spiratest.plugins:inflectra-spira-integration
(Maven)
May 24, 2022
Plaintext storage of tokens in pulp_ansible
Moderate
CVE-2022-3644
was published
for
pulp-ansible
(pip)
Oct 25, 2022
Passwords stored in plain text by Mail Commander Plugin for Jenkins-ci Plugin
Moderate
CVE-2020-2318
was published
for
org.jenkins-ci.plugins:mailcommander
(Maven)
May 24, 2022
Password stored in plain text by Jenkins AppSpider Plugin
Low
CVE-2020-2314
was published
for
com.rapid7:jenkinsci-appspider-plugin
(Maven)
May 24, 2022
Password stored in plain text by Jenkins VMware Lab Manager Slaves Plugin
Low
CVE-2020-2319
was published
for
org.jenkins-ci.plugins:labmanager
(Maven)
May 24, 2022
User passwords stored in plain text by Jenkins EasyQA Plugin
Low
CVE-2022-34202
was published
for
com.geteasyqa:easyqa
(Maven)
Jun 24, 2022
Jenkins BigPanda Notifier Plugin stores BigPanda API key unencrypted
Low
CVE-2022-41247
was published
for
org.jenkins-ci.plugins:bigpanda-jenkins
(Maven)
Sep 22, 2022
Passwords stored in plain text by Jenkins view-cloner Plugin
Moderate
CVE-2023-24450
was published
for
org.jenkins-ci.plugins:view-cloner
(Maven)
Jan 26, 2023
Plaintext storage of Access Token in Jenkins GitHub Pull Request Coverage Status Plugin
Moderate
CVE-2023-24442
was published
for
org.jenkins-ci.plugins:github-pr-coverage-status
(Maven)
Jan 26, 2023
Plaintext Storage of a Password in Jenkins JIRA Pipeline Steps Plugin
Moderate
CVE-2023-24439
was published
for
org.jenkins-ci.plugins:jira-steps
(Maven)
Jan 26, 2023
Plaintext Storage of a Password in Jenkins TestQuality Updater Plugin
Moderate
CVE-2023-24454
was published
for
org.jenkins-ci.plugins:testquality-updater
(Maven)
Jan 26, 2023
Plaintext storage of sensitive data in Rancher API and cluster.management.cattle.io objects
High
CVE-2022-43757
was published
for
github.com/rancher/rancher
(Go)
Jan 25, 2023
etcd user credentials are stored in WAL logs in plaintext
Low
GHSA-528j-9r78-wffx
was published
for
go.etcd.io/etcd/client/v3
(Go)
Oct 6, 2022
The CODESYS OPC DA Server prior V3.5.18.20 stores PLC passwords as plain text in its...
High
Unreviewed
CVE-2022-1794
was published
Jul 12, 2022
API token stored in plain text by Jenkins CONS3RT Plugin
Low
CVE-2022-41255
was published
for
org.jenkins-ci.plugins:cons3rt
(Maven)
Sep 22, 2022
Plaintext Storage of a Password vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F...
High
Unreviewed
CVE-2023-0457
was published
Mar 3, 2023
Plaintext Storage of a Password in Jenkins Convertigo Mobile Platform Plugin
Moderate
CVE-2022-34199
was published
for
com.convertigo.jenkins.plugins:convertigo-mobile-platform
(Maven)
Jun 24, 2022
ProTip!
Advisories are also available from the
GraphQL API