Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,761
Maven
5,000+
npm
4,368
NuGet
767
pip
4,137
Pub
12
RubyGems
962
Rust
1,070
Swift
45
Unreviewed advisories
All unreviewed
5,000+

190 advisories

Loading
Jenkins Static Analysis Utilities Plugin is vulnerable to Cross-site request forgery vulnerability Moderate
CVE-2019-10307 was published for org.jvnet.hudson.plugins:analysis-core (Maven) May 24, 2022
Jenkins XebiaLabs XL Deploy Plugin vulnerable to Cross-site request forgery (CSRF) Moderate
CVE-2019-10304 was published for com.xebialabs.deployit.ci:deployit-plugin (Maven) May 24, 2022
Cross Site Request Forgery in Jenkins Blue Ocean Plugin Moderate
CVE-2022-30953 was published for io.jenkins.blueocean:blueocean-parent (Maven) May 18, 2022
NotMyFault
Credited to NotMyFault
CSRF vulnerability in Jenkins Script Security Plugin Moderate
CVE-2022-30946 was published for org.jenkins-ci.plugins:script-security (Maven) May 18, 2022
NotMyFault
Credited to NotMyFault
JBoss KeyCloak is vulnerable to soft token deletion via CSRF Moderate
CVE-2014-3655 was published for org.keycloak:keycloak-services (Maven) May 17, 2022
Cross-Site Request Forgery in Jolokia Moderate
CVE-2014-0168 was published for org.jolokia:jolokia-core (Maven) May 17, 2022
Jenkins Cross-Site Request Forgery vulnerabilities Moderate
CVE-2013-2034 was published for org.jenkins-ci.main:jenkins-core (Maven) May 17, 2022
Cross-Site Request Forgery in Apache Struts Moderate
CVE-2012-4386 was published for org.apache.struts:struts2-core (Maven) May 17, 2022
Cross-Site Request Forgery in Apache Tomcat Moderate
CVE-2012-4431 was published for org.apache.tomcat:tomcat (Maven) May 17, 2022
Jenkins GitHub Branch Source Plugin vulnerable to Cross-Site Request Forgery Moderate
CVE-2017-1000091 was published for org.jenkins-ci.plugins:github-branch-source (Maven) May 17, 2022
Jenkins Subversion Plugin Cross-Site Request Forgery vulnerability Moderate
CVE-2017-1000085 was published for org.jenkins-ci.plugins:subversion (Maven) May 17, 2022
Cross-Site Request Forgery in Apache Struts Moderate
CVE-2014-7809 was published for org.apache.struts:struts2-core (Maven) May 14, 2022
sunSUNQ
Credited to sunSUNQ
Jenkins JUnit Plugin CSRF vulnerability Moderate
CVE-2018-1000411 was published for org.jenkins-ci.plugins:junit (Maven) May 14, 2022
Jenkins SaltStack Plugin allows attackers to capture credentials with a known credentials ID stored in Jenkins Moderate
CVE-2018-1999027 was published for org.jenkins-ci.plugins:saltstack (Maven) May 14, 2022
Cross-Site Request Forgery in Jenkins Git Plugin Moderate
CVE-2019-1003010 was published for org.jenkins-ci.plugins:git (Maven) May 14, 2022
Cross-Site Request Forgery in Jenkins Moderate
CVE-2017-2613 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
Cross-Site Request Forgery in Jenkins Blue Ocean Plugin Moderate
CVE-2019-1003012 was published for io.jenkins.blueocean:blueocean (Maven) May 13, 2022
Jenkins Job Import Plugin CSRF vulnerability Moderate
CVE-2019-1003017 was published for org.jenkins-ci.plugins:job-import-plugin (Maven) May 13, 2022
Jenkins Job Import Plugin vulnerable to exposure of sensitive information Moderate
CVE-2019-1003016 was published for org.jenkins-ci.plugins:job-import-plugin (Maven) May 13, 2022
Jenkins Monitoring Plugin vulnerable to Denial of service vulnerability Moderate
CVE-2019-1003022 was published for org.jvnet.hudson.plugins:monitoring (Maven) May 13, 2022
CSRF vulnerability in Jenkins Nomad Plugin allow SSRF Moderate
CVE-2019-10292 was published for org.jenkins-ci.plugins:kmap-jenkins (Maven) May 13, 2022
CSRF vulnerability in jenkins-reviewbot Plugin Moderate
CVE-2019-10278 was published for org.jenkins-ci.plugins:jenkins-reviewbot (Maven) May 13, 2022
CSRF vulnerability in Jenkins Netsparker Enterprise Scan Plugin Moderate
CVE-2019-10289 was published for org.jenkins-ci.plugins:netsparker-cloud-scan (Maven) May 13, 2022
Jenkins Fortify on Demand Uploader Plugin CSRF vulnerability Moderate
CVE-2019-1003046 was published for org.jenkins-ci.plugins:fortify-on-demand-uploader (Maven) May 13, 2022
CSRF vulnerability in Jenkins Audit to Database Plugin Moderate
CVE-2019-1003076 was published for org.jenkins-ci.plugins:audit2db (Maven) May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database