Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,761
Maven
5,000+
npm
4,368
NuGet
767
pip
4,137
Pub
12
RubyGems
962
Rust
1,070
Swift
45
Unreviewed advisories
All unreviewed
5,000+

190 advisories

Loading
CSRF vulnerability in Jenkins OpenShift Deployer Plugin Moderate
CVE-2019-1003080 was published for org.jenkins-ci.plugins:openshift-deployer (Maven) May 13, 2022
CSRF vulnerability in Jenkins Audit to Database Plugin Moderate
CVE-2019-1003076 was published for org.jenkins-ci.plugins:audit2db (Maven) May 13, 2022
CSRF vulnerability in Jenkins FTP publisher Plugin Moderate
CVE-2019-1003058 was published for org.jvnet.hudson.plugins:ftppublisher (Maven) May 13, 2022
CSRF vulnerability in Zephyr Enterprise Test Management Plugin Moderate
CVE-2019-1003084 was published for org.jenkins-ci.plugins:zephyr-enterprise-test-management (Maven) May 13, 2022
CSRF vulnerability in Jenkins sinatra-chef-builder Plugin Moderate
CVE-2019-1003086 was published for org.jenkins-ci.plugins:sinatra-chef-builder (Maven) May 13, 2022
CSRF vulnerability in Jenkins Gearman Plugin Moderate
CVE-2019-1003082 was published for org.jenkins-ci.plugins:gearman-plugin (Maven) May 13, 2022
Cross-site request forgery vulnerability in Jenkins Nomad Plugin Moderate
CVE-2019-1003092 was published for org.jenkins-ci.plugins:nomad (Maven) May 13, 2022
joshbressers
Credited to joshbressers
Jenkins OpenID Plugin CSRF vulnerability Moderate
CVE-2019-1003098 was published for org.jenkins-ci.plugins:openid (Maven) May 13, 2022
CSRF vulnerability in Jenkins SOASTA CloudTest Plugin Moderate
CVE-2019-1003090 was published for com.soasta.jenkins:cloudtest (Maven) May 13, 2022
Cross-Site Request Forgery in Spring Framework Moderate
CVE-2013-6429 was published for org.springframework:spring-web (Maven) May 13, 2022
sunSUNQ
Credited to sunSUNQ
Cross-Site Request Forgery in Spring Framework Moderate
CVE-2013-4152 was published for org.springframework:spring-oxm (Maven) May 13, 2022
sunSUNQ
Credited to sunSUNQ
Cross-Site Request Forgery in Spring Framework Moderate
CVE-2014-0054 was published for org.springframework:spring-webmvc (Maven) May 13, 2022
sunSUNQ
Credited to sunSUNQ
Cross-Site Request Forgery in Jenkins Moderate
CVE-2018-1000195 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
Jenkins Cross-Site Request Forgery vulnerability Moderate
CVE-2013-0329 was published for org.jenkins-ci.main:jenkins-core (Maven) May 5, 2022
Jenkins Cross-Site Request Forgery vulnerability Moderate
CVE-2013-0327 was published for org.jenkins-ci.main:jenkins-core (Maven) May 5, 2022
Cross-site request forgery in Apache ActiveMQ Moderate
CVE-2010-1244 was published for org.apache.activemq:activemq-parent (Maven) May 2, 2022
sunSUNQ
Credited to sunSUNQ
Apache Geronimo Application Server CSRF vulnerabilities Moderate
CVE-2009-0039 was published for org.apache.geronimo.plugins:console (Maven) May 2, 2022
westonsteimel MarkLee131
Credited to westonsteimel and MarkLee131
Apache Tomcat Example Application CSRF and XSS Vulnerabilities Moderate
CVE-2007-4724 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022
CSRF vulnerability in Jenkins Subversion Plugin Moderate
CVE-2022-29048 was published for org.jenkins-ci.plugins:subversion (Maven) Apr 13, 2022
NotMyFault
Credited to NotMyFault
CSRF vulnerability in Jenkins RocketChat Notifier Plugin Moderate
CVE-2022-28138 was published for org.jenkins-ci.plugins:rocketchatnotifier (Maven) Mar 30, 2022
NotMyFault
Credited to NotMyFault
CSRF vulnerability in Proxmox Plugin Moderate
CVE-2022-28143 was published for org.jenkins-ci.plugins:proxmox (Maven) Mar 30, 2022
CSRF vulnerability in Jenkins Job and Node ownership Plugin Moderate
CVE-2022-28152 was published for com.synopsys.jenkinsci:ownership (Maven) Mar 30, 2022
NotMyFault
Credited to NotMyFault
CSRF vulnerability and missing permission checks in Jenkins Extended Choice Parameter Plugin allow SSRF Moderate
CVE-2022-27204 was published for org.jenkins-ci.plugins:extended-choice-parameter (Maven) Mar 16, 2022
NotMyFault
Credited to NotMyFault
CSRF vulnerability in Jenkins Release Helper Plugin Moderate
CVE-2022-27214 was published for org.jenkins-ci.plugins:release-helper (Maven) Mar 16, 2022
NotMyFault
Credited to NotMyFault
Jenkins Snow Commander Plugin 2.0 vulnerable to Cross-Site Request Forgery Moderate
CVE-2022-25192 was published for io.jenkins.plugins:embotics-vcommander (Maven) Feb 16, 2022
NotMyFault
Credited to NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database