GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
177 advisories
Filter by severity
BlazeMeter Jenkins plugin vulnerable to Cross-Site Request Forgery
Moderate
CVE-2024-3825
was published
for
com.blazemeter.plugins:BlazeMeterJenkinsPlugin
(Maven)
Apr 17, 2024
XWiki Platform CSRF in the job scheduler
Moderate
CVE-2024-31985
was published
for
org.xwiki.platform:xwiki-platform-scheduler-ui
(Maven)
Apr 10, 2024
Apache Zeppelin CSRF vulnerability in the Credentials page
Moderate
CVE-2021-28656
was published
for
org.apache.zeppelin:zeppelin-web
(Maven)
Apr 9, 2024
Cross-Site Request Forgery in Apache Wicket
Moderate
CVE-2024-27439
was published
for
org.apache.wicket:wicket
(Maven)
Mar 19, 2024
Jenkins docker-build-step Plugin Cross-Site Request Forgery vulnerability
Moderate
CVE-2024-2215
was published
for
org.jenkins-ci.plugins:docker-build-step
(Maven)
Mar 6, 2024
Jenkins Subversion Partial Release Manager Plugin vulnerable to Cross-Site Request Forgery
Moderate
CVE-2024-28158
was published
for
org.jenkins-ci.plugins:svn-partial-release-mgr
(Maven)
Mar 6, 2024
CSRF vulnerability in Jenkins GitLab Branch Source Plugin
Moderate
CVE-2024-23902
was published
for
io.jenkins.plugins:gitlab-branch-source
(Maven)
Jan 24, 2024
Jenkins Nexus Platform Plugin Cross-Site Request Forgery vulnerability
Moderate
CVE-2023-50768
was published
for
org.sonatype.nexus.ci:nexus-jenkins-plugin
(Maven)
Dec 13, 2023
Cross-Site Request Forgery in Jenkins PaaSLane Estimate Plugin
Moderate
CVE-2023-50778
was published
for
com.cloudtp.jenkins:paaslane-estimate
(Maven)
Dec 13, 2023
Cross-site request forgery vulnerability in Jenkins Deployment Dashboard Plugin
Moderate
CVE-2023-50775
was published
for
org.jenkins-ci.plugins:ec2-deployment-dashboard
(Maven)
Dec 13, 2023
Jenkins NeuVector Vulnerability Scanner Plugin Cross-Site Request Forgery vulnerability
Moderate
CVE-2023-49673
was published
for
io.jenkins.plugins:neuvector-vulnerability-scanner
(Maven)
Nov 29, 2023
Jenkins Build Failure Analyzer Plugin Cross-Site Request Forgery vulnerability
Moderate
CVE-2023-43500
was published
for
com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer
(Maven)
Sep 20, 2023
Jenkins Build Failure Analyzer Plugin Cross-Site Request Forgery vulnerability
Moderate
CVE-2023-43502
was published
for
com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer
(Maven)
Sep 20, 2023
CSRF vulnerability in Jenkins AWS CodeCommit Trigger Plugin
Moderate
CVE-2023-41942
was published
for
org.jenkins-ci.plugins:aws-codecommit-trigger
(Maven)
Sep 6, 2023
CSRF vulnerability in Jenkins Ivy Plugin
Moderate
CVE-2023-41938
was published
for
org.jenkins-ci.plugins:ivy
(Maven)
Sep 6, 2023
Jenkins Fortify Plugin cross-site request forgery vulnerability
Moderate
CVE-2023-4301
was published
for
org.jenkins-ci.plugins:fortify
(Maven)
Aug 22, 2023
Jenkins Blue Ocean Plugin cross-site request forgery vulnerability
Moderate
CVE-2023-40341
was published
for
io.jenkins.blueocean:blueocean
(Maven)
Aug 16, 2023
Jenkins Favorite View Plugin cross-site request forgery vulnerability
Moderate
CVE-2023-40351
was published
for
org.jenkins-ci.plugins:favorite-view
(Maven)
Aug 16, 2023
Jenkins Folders Plugin cross-site request forgery vulnerability
Moderate
CVE-2023-40337
was published
for
org.jenkins-ci.plugins:cloudbees-folder
(Maven)
Aug 16, 2023
Credential leakage in Jenkins Plug-in for ServiceNow
Moderate
CVE-2023-3414
was published
for
io.jenkins.plugins:servicenow-devops
(Maven)
Jul 26, 2023
CSRF vulnerability in GitLab Authentication Plugin
Moderate
CVE-2023-39153
was published
for
org.jenkins-ci.plugins:gitlab-oauth
(Maven)
Jul 26, 2023
CSRF vulnerability in Bazaar Plugin
Moderate
CVE-2023-39156
was published
for
org.jenkins-ci.plugins:bazaar
(Maven)
Jul 26, 2023
Jenkins Test Results Aggregator Plugin vulnerable to Cross Site Request Forgery
Moderate
CVE-2023-37955
was published
for
org.jenkins-ci.plugins:test-results-aggregator
(Maven)
Jul 12, 2023
Jenkins mabl Plugin vulnerable to cross-site request forgery
Moderate
CVE-2023-37952
was published
for
com.mabl.integration.jenkins:mabl-integration
(Maven)
Jul 12, 2023
Jenkins Rebuilder Plugin vulnerable to Cross Site Request Forgery
Moderate
CVE-2023-37954
was published
for
com.sonyericsson.hudson.plugins.rebuild:rebuild
(Maven)
Jul 12, 2023
ProTip!
Advisories are also available from the
GraphQL API