GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
273 advisories
Untrusted users can modify some Pipeline libraries in Jenkins Pipeline: Deprecated Groovy Libraries Plugin
High
CVE-2022-29047
was published
for
org.jenkins-ci.plugins.workflow:workflow-cps-global-lib
(Maven)
Apr 13, 2022
Incorrect Authorization in imgcrypt
High
CVE-2022-24778
was published
for
github.com/containerd/imgcrypt
(Go)
Mar 28, 2022
Reject unauthorized access with GitHub PATs
High
CVE-2021-21432
was published
for
github.com/go-vela/server
(Go)
Feb 15, 2022
Incorrect Authorization in NATS nats-server
High
CVE-2022-24450
was published
for
github.com/nats-io/nats-server/v2
(Go)
Feb 8, 2022
Communities and collections administrators can escalate their privilege up to system administrator
High
CVE-2021-41189
was published
for
org.dspace:dspace-api
(Maven)
Nov 1, 2021
ProTip!
Advisories are also available from the
GraphQL API