Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

177 advisories

Loading
Jenkins Digital.ai App Management Publisher Plugin vulnerable to Cross-Site Request Forgery Moderate
CVE-2023-35148 was published for org.jenkins-ci.plugins:ease-plugin (Maven) Jun 14, 2023
Jenkins Code Dx Plugin cross-site request forgery vulnerability Moderate
CVE-2023-2195 was published for org.jenkins-ci.plugins:codedx (Maven) May 16, 2023
Jenkins Tag Profiler Plugin vulnerable to Cross-Site Request Forgery Moderate
CVE-2023-33003 was published for org.jenkins-ci.plugins:tag-profiler (Maven) May 16, 2023
Jenkins WSO2 Oauth Plugin cross-site request forgery vulnerability Moderate
CVE-2023-33006 was published for org.jenkins-ci.plugins:wso2id-oauth (Maven) May 16, 2023
Jenkins LDAP Plugin vulnerable to Cross-Site Request Forgery Moderate
CVE-2023-32978 was published for org.jenkins-ci.plugins:ldap (Maven) May 16, 2023
Jenkins AppSpider Plugin Cross-Site Request Forgery vulnerability Moderate
CVE-2023-32998 was published for com.rapid7:jenkinsci-appspider-plugin (Maven) May 16, 2023
Jenkins Azure VM Agents Plugin Cross-site Request Forgery vulnerability Moderate
CVE-2023-32989 was published for org.jenkins-ci.plugins:azure-vm-agents (Maven) May 16, 2023
Jenkins SAML Single Sign On(SSO) Plugin Cross-Site Request Forgery vulnerability Moderate
CVE-2023-32995 was published for io.jenkins.plugins:miniorange-saml-sp (Maven) May 16, 2023
Jenkins Reverse Proxy Auth Plugin cross-site request forgery vulnerability Moderate
CVE-2023-32987 was published for org.jenkins-ci.plugins:reverse-proxy-auth-plugin (Maven) May 16, 2023
Jenkins Email Extension Plugin Cross-Site Request Forgery vulnerability Moderate
CVE-2023-32980 was published for org.jenkins-ci.plugins:email-ext (Maven) May 16, 2023
Jenkins Lucene-Search Plugin vulnerable to Cross-Site Request Forgery Moderate
CVE-2023-30529 was published for org.jenkins-ci.plugins:lucene-search (Maven) Apr 12, 2023
Jenkins Report Portal Plugin Cross-Site Request Forgery vulnerability Moderate
CVE-2023-30525 was published for org.jenkins-ci.plugins:reportportal (Maven) Apr 12, 2023
Jenkins OctoPerf Load Testing Plugin vulnerable to Cross-site Request Forgery Moderate
CVE-2023-28671 was published for org.jenkinsci.plugins:octoperf (Maven) Apr 2, 2023
Jenkins OctoPerf Load Testing Plugin vulnerable to Cross-site Request Forgery Moderate
CVE-2023-28674 was published for org.jenkinsci.plugins:octoperf (Maven) Apr 2, 2023
OpenNMS Meridian and Horizon vulnerable to Cross-Site Request Forgery Moderate
CVE-2023-0870 was published for org.opennms:opennms-webapp (Maven) Mar 22, 2023
apollo-portal has potential CSRF issue Moderate
CVE-2023-25569 was published for com.ctrip.framework.apollo:apollo (Maven) Feb 22, 2023
Cross-Site Request Forgery in XXL Job Moderate
CVE-2023-0674 was published for com.xuxueli:xxl-job (Maven) Feb 4, 2023
Cross-site request forgery in Jenkins Gerrit Trigger Plugin Moderate
CVE-2023-24423 was published for com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger (Maven) Jan 26, 2023
Cross-site request forgery vulnerability in Jenkins Bitbucket OAuth Plugin Moderate
CVE-2023-24428 was published for org.jenkins-ci.plugins:bitbucket-oauth (Maven) Jan 26, 2023
Cross-site request forgery vulnerability in Jenkins JIRA Pipeline Steps Plugin Moderate
CVE-2023-24437 was published for org.jenkins-ci.plugins:jira-steps (Maven) Jan 26, 2023
CSRF vulnerability in Jenkins Keycloak Authentication Plugin Moderate
CVE-2023-24457 was published for org.jenkins-ci.plugins:keycloak (Maven) Jan 26, 2023
Jenkins Sonar Gerrit Plugin vulnerable to Cross-Site Request Forgery Moderate
CVE-2022-46688 was published for org.jenkins-ci.plugins:sonar-gerrit (Maven) Dec 12, 2022
Cross-Site Request Forgery in Jenkins Delete log Plugin Moderate
CVE-2022-45393 was published for org.jenkins-ci.plugins:delete-log-plugin (Maven) Nov 16, 2022
NotMyFault
Cross-Site Request Forgery in Jenkins Cluster Statistics Plugin Moderate
CVE-2022-45398 was published for org.zeroturnaround:cluster-stats (Maven) Nov 16, 2022
NotMyFault
CSRF vulnerability in Jenkins Katalon Plugin allows capturing credentials Moderate
CVE-2022-43418 was published for org.jenkins-ci.plugins:katalon (Maven) Oct 19, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database