GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
177 advisories
Jenkins docker-build-step Plugin Cross-Site Request Forgery vulnerability
Moderate
CVE-2024-2215 was published for org.jenkins-ci.plugins:docker-build-step (Maven) on Mar 6, 2024
Jenkins NeuVector Vulnerability Scanner Plugin Cross-Site Request Forgery vulnerability
Moderate
CVE-2023-49673 was published for io.jenkins.plugins:neuvector-vulnerability-scanner (Maven) on Nov 29, 2023
CSRF vulnerability in Jenkins Nomad Plugin allow SSRF
Moderate
CVE-2019-10292 was published for org.jenkins-ci.plugins:kmap-jenkins (Maven) on May 13, 2022
Cross-Site Request Forgery in Apache Wicket
Moderate
CVE-2024-27439 was published for org.apache.wicket:wicket (Maven) on Mar 19, 2024
Apache Zeppelin CSRF vulnerability in the Credentials page
Moderate
CVE-2021-28656 was published for org.apache.zeppelin:zeppelin-web (Maven) on Apr 9, 2024
Jenkins Subversion Partial Release Manager Plugin vulnerable to Cross-Site Request Forgery
Moderate
CVE-2024-28158 was published for org.jenkins-ci.plugins:svn-partial-release-mgr (Maven) on Mar 6, 2024
BlazeMeter Jenkins plugin vulnerable to Cross-Site Request Forgery
Moderate
CVE-2024-3825 was published for com.blazemeter.plugins:BlazeMeterJenkinsPlugin (Maven) on Apr 17, 2024
Moderate severity vulnerability that affects org.apache.cxf.fediz:fediz-spring, org.apache.cxf.fediz:fediz-spring2, and org.apache.cxf.fediz:fediz-spring3
Moderate
CVE-2017-12631 was published for org.apache.cxf.fediz:fediz-spring (Maven) on Oct 18, 2018
XWiki Platform CSRF in the job scheduler
Moderate
CVE-2024-31985 was published for org.xwiki.platform:xwiki-platform-scheduler-ui (Maven) on Apr 10, 2024
CSRF attack via CORS preflight requests with Spring MVC or Spring WebFlux
Moderate
CVE-2020-5397 was published for org.springframework:spring-webflux (Maven) on Jan 21, 2020
Cross-Site Request Forgery in Spring Framework
Moderate
CVE-2014-0054 was published for org.springframework:spring-webmvc (Maven) on May 13, 2022
Cross-Site Request Forgery in Spring Framework
Moderate
CVE-2013-6429 was published for org.springframework:spring-web (Maven) on May 13, 2022
Cross-Site Request Forgery in Spring Framework
Moderate
CVE-2013-4152 was published for org.springframework:spring-oxm (Maven) on May 13, 2022
Apache Geronimo Application Server CSRF vulnerabilities
Moderate
CVE-2009-0039 was published for org.apache.geronimo.plugins:console (Maven) on May 2, 2022
CSRF vulnerability in Jenkins GitLab Branch Source Plugin
Moderate
CVE-2024-23902 was published for io.jenkins.plugins:gitlab-branch-source (Maven) on Jan 24, 2024
CSRF vulnerability in Jenkins AWS CodeCommit Trigger Plugin
Moderate
CVE-2023-41942 was published for org.jenkins-ci.plugins:aws-codecommit-trigger (Maven) on Sep 6, 2023
CSRF vulnerability in Jenkins Ivy Plugin
Moderate
CVE-2023-41938 was published for org.jenkins-ci.plugins:ivy (Maven) on Sep 6, 2023
CSRF vulnerability in Jenkins Gearman Plugin
Moderate
CVE-2019-1003082 was published for org.jenkins-ci.plugins:gearman-plugin (Maven) on May 13, 2022
CSRF vulnerability in Jenkins SOASTA CloudTest Plugin
Moderate
CVE-2019-1003090 was published for com.soasta.jenkins:cloudtest (Maven) on May 13, 2022
CSRF vulnerability in Jenkins OpenShift Deployer Plugin
Moderate
CVE-2019-1003080 was published for org.jenkins-ci.plugins:openshift-deployer (Maven) on May 13, 2022
CSRF vulnerability in jenkins-reviewbot Plugin
Moderate
CVE-2019-10278 was published for org.jenkins-ci.plugins:jenkins-reviewbot (Maven) on May 13, 2022
CSRF vulnerability in Jenkins Audit to Database Plugin
Moderate
CVE-2019-1003076 was published for org.jenkins-ci.plugins:audit2db (Maven) on May 13, 2022
Jenkins Monitoring Plugin vulnerable to Denial of service vulnerability
Moderate
CVE-2019-1003022 was published for org.jvnet.hudson.plugins:monitoring (Maven) on May 13, 2022
CSRF vulnerability in Jenkins Netsparker Enterprise Scan Plugin
Moderate
CVE-2019-10289 was published for org.jenkins-ci.plugins:netsparker-cloud-scan (Maven) on May 13, 2022
CSRF vulnerability in Jenkins FTP publisher Plugin
Moderate
CVE-2019-1003058 was published for org.jvnet.hudson.plugins:ftppublisher (Maven) on May 13, 2022
ProTip! Advisories are also available from the GraphQL API.