GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
177 advisories
Filter by severity
Moderate severity vulnerability that affects org.apache.cxf.fediz:fediz-jetty8, org.apache.cxf.fediz:fediz-jetty9, and org.apache.cxf.fediz:fediz-spring2
Moderate
CVE-2017-7661
was published
for
org.apache.cxf.fediz:fediz-jetty8
(Maven)
Oct 18, 2018
Moderate severity vulnerability that affects org.apache.cxf.fediz:fediz-spring, org.apache.cxf.fediz:fediz-spring2, and org.apache.cxf.fediz:fediz-spring3
Moderate
CVE-2017-12631
was published
for
org.apache.cxf.fediz:fediz-spring
(Maven)
Oct 18, 2018
CSRF attack via CORS preflight requests with Spring MVC or Spring WebFlux
Moderate
CVE-2020-5397
was published
for
org.springframework:spring-webflux
(Maven)
Jan 21, 2020
CSRF in Play Framework
Moderate
CVE-2020-12480
was published
for
com.typesafe.play:play_2.12
(Maven)
Aug 18, 2020
Cross-Site Request Forgery in OpenNMS Horizon
Moderate
CVE-2021-25930
was published
for
org.opennms:opennms
(Maven)
May 25, 2021
Cross-Site Request Forgery in the Jenkins Claim plugin
Moderate
CVE-2021-21620
was published
for
org.jenkins-ci.plugins:claim
(Maven)
Jun 16, 2021
No CSRF protection on the password change form
Moderate
CVE-2021-32730
was published
for
org.xwiki.platform:xwiki-platform-administration-ui
(Maven)
Jul 2, 2021
Request injection in Spring Cloud Gateway
Moderate
CVE-2021-22051
was published
for
org.springframework.cloud:spring-cloud-gateway
(Maven)
Nov 10, 2021
CSRF vulnerability in Jenkins batch task Plugin
Moderate
CVE-2022-23115
was published
for
org.jenkins-ci.plugins:batch-task
(Maven)
Jan 13, 2022
CSRF vulnerability and missing permission checks in Jenkins Publish Over SSH Plugin
Moderate
CVE-2022-23111
was published
for
org.jenkins-ci.plugins:publish-over-ssh
(Maven)
Jan 13, 2022
Cross-Site Request Forgery in Jenkins Mailer Plugin
Moderate
CVE-2022-20613
was published
for
org.jenkins-ci.plugins:mailer
(Maven)
Jan 13, 2022
Cross-Site Request Forgery in Jenkins
Moderate
CVE-2022-20612
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
Jan 21, 2022
Cross-Site Request Forgery
Moderate
CVE-2020-7780
was published
for
com.softwaremill.akka-http-session:core_2.11
(Maven)
Feb 9, 2022
CSRF vulnerability in Jenkins SWAMP Plugin allows capturing credentials
Moderate
CVE-2022-25212
was published
for
org.continuousassurance.swamp.jenkins:swamp
(Maven)
Feb 16, 2022
CSRF vulnerability in Jenkins Checkmarx Plugin allow capturing credentials
Moderate
CVE-2022-25200
was published
for
com.checkmarx.jenkins:checkmarx
(Maven)
Feb 16, 2022
Jenkins Snow Commander Plugin 2.0 vulnerable to Cross-Site Request Forgery
Moderate
CVE-2022-25192
was published
for
io.jenkins.plugins:embotics-vcommander
(Maven)
Feb 16, 2022
CSRF vulnerability in Jenkins Release Helper Plugin
Moderate
CVE-2022-27214
was published
for
org.jenkins-ci.plugins:release-helper
(Maven)
Mar 16, 2022
CSRF vulnerability and missing permission checks in Jenkins Extended Choice Parameter Plugin allow SSRF
Moderate
CVE-2022-27204
was published
for
org.jenkins-ci.plugins:extended-choice-parameter
(Maven)
Mar 16, 2022
CSRF vulnerability in Jenkins Job and Node ownership Plugin
Moderate
CVE-2022-28152
was published
for
com.synopsys.jenkinsci:ownership
(Maven)
Mar 30, 2022
CSRF vulnerability in Proxmox Plugin
Moderate
CVE-2022-28143
was published
for
org.jenkins-ci.plugins:proxmox
(Maven)
Mar 30, 2022
CSRF vulnerability in Jenkins RocketChat Notifier Plugin
Moderate
CVE-2022-28138
was published
for
org.jenkins-ci.plugins:rocketchatnotifier
(Maven)
Mar 30, 2022
CSRF vulnerability in Jenkins Subversion Plugin
Moderate
CVE-2022-29048
was published
for
org.jenkins-ci.plugins:subversion
(Maven)
Apr 13, 2022
Apache Tomcat Example Application CSRF and XSS Vulnerabilities
Moderate
CVE-2007-4724
was published
for
org.apache.tomcat:tomcat
(Maven)
May 1, 2022
Apache Geronimo Application Server CSRF vulnerabilities
Moderate
CVE-2009-0039
was published
for
org.apache.geronimo.plugins:console
(Maven)
May 2, 2022
Cross-site request forgery in Apache ActiveMQ
Moderate
CVE-2010-1244
was published
for
org.apache.activemq:activemq-parent
(Maven)
May 2, 2022
ProTip!
Advisories are also available from the
GraphQL API