Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

7 advisories

Loading
Jenkins temporary plugin file created with insecure permissions High
CVE-2023-43496 was published for org.jenkins-ci.main:jenkins-core (Maven) Sep 20, 2023
Apache Tomcat may be started without proper security settings High
CVE-2002-0493 was published for org.apache.tomcat:tomcat (Maven) Apr 30, 2022
Incorrect Default Permissions in Apache Tomcat High
CVE-2020-8022 was published for org.apache.tomcat:tomcat (Maven) Feb 9, 2022 withdrawn
westonsteimel
Improper Preservation of Permissions in xxl-job High
CVE-2024-42681 was published for com.xuxueli:xxl-job-core (Maven) Aug 15, 2024
Duplicate Advisory: Apiman has insufficient checks for read permissions High
GHSA-54r5-wr8x-x5v3 was published for io.apiman:apiman-manager-api-rest-impl (Maven) Dec 20, 2022 withdrawn
msavy
Restarting a run with revoked script approval allowed by Jenkins Pipeline: Declarative Plugin High
CVE-2024-52551 was published for org.jenkinsci.plugins:pipeline-model-parent (Maven) Nov 13, 2024
Incorrect Default Permissions in Apache DolphinScheduler High
CVE-2020-13922 was published for org.apache.dolphinscheduler:dolphinscheduler-api (Maven) Feb 9, 2022
ProTip! Advisories are also available from the GraphQL API