Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

177 advisories

Loading
Jenkins docker-build-step Plugin Cross-Site Request Forgery vulnerability Moderate
CVE-2024-2215 was published for org.jenkins-ci.plugins:docker-build-step (Maven) Mar 6, 2024
Jenkins NeuVector Vulnerability Scanner Plugin Cross-Site Request Forgery vulnerability Moderate
CVE-2023-49673 was published for io.jenkins.plugins:neuvector-vulnerability-scanner (Maven) Nov 29, 2023
secjoker
CSRF vulnerability in Jenkins Nomad Plugin allow SSRF Moderate
CVE-2019-10292 was published for org.jenkins-ci.plugins:kmap-jenkins (Maven) May 13, 2022
Cross-Site Request Forgery in Apache Wicket Moderate
CVE-2024-27439 was published for org.apache.wicket:wicket (Maven) Mar 19, 2024
Apache Zeppelin CSRF vulnerability in the Credentials page Moderate
CVE-2021-28656 was published for org.apache.zeppelin:zeppelin-web (Maven) Apr 9, 2024
Jenkins Subversion Partial Release Manager Plugin vulnerable to Cross-Site Request Forgery Moderate
CVE-2024-28158 was published for org.jenkins-ci.plugins:svn-partial-release-mgr (Maven) Mar 6, 2024
BlazeMeter Jenkins plugin vulnerable to Cross-Site Request Forgery Moderate
CVE-2024-3825 was published for com.blazemeter.plugins:BlazeMeterJenkinsPlugin (Maven) Apr 17, 2024
Moderate severity vulnerability that affects org.apache.cxf.fediz:fediz-spring, org.apache.cxf.fediz:fediz-spring2, and org.apache.cxf.fediz:fediz-spring3 Moderate
CVE-2017-12631 was published for org.apache.cxf.fediz:fediz-spring (Maven) Oct 18, 2018
MarkLee131
XWiki Platform CSRF in the job scheduler Moderate
CVE-2024-31985 was published for org.xwiki.platform:xwiki-platform-scheduler-ui (Maven) Apr 10, 2024
CSRF attack via CORS preflight requests with Spring MVC or Spring WebFlux Moderate
CVE-2020-5397 was published for org.springframework:spring-webflux (Maven) Jan 21, 2020
sunSUNQ
Cross-Site Request Forgery in Spring Framework Moderate
CVE-2014-0054 was published for org.springframework:spring-webmvc (Maven) May 13, 2022
sunSUNQ
Cross-Site Request Forgery in Spring Framework Moderate
CVE-2013-6429 was published for org.springframework:spring-web (Maven) May 13, 2022
sunSUNQ
Cross-Site Request Forgery in Spring Framework Moderate
CVE-2013-4152 was published for org.springframework:spring-oxm (Maven) May 13, 2022
sunSUNQ
Apache Geronimo Application Server CSRF vulnerabilities Moderate
CVE-2009-0039 was published for org.apache.geronimo.plugins:console (Maven) May 2, 2022
westonsteimel MarkLee131
CSRF vulnerability in Jenkins GitLab Branch Source Plugin Moderate
CVE-2024-23902 was published for io.jenkins.plugins:gitlab-branch-source (Maven) Jan 24, 2024
CSRF vulnerability in Jenkins AWS CodeCommit Trigger Plugin Moderate
CVE-2023-41942 was published for org.jenkins-ci.plugins:aws-codecommit-trigger (Maven) Sep 6, 2023
CSRF vulnerability in Jenkins Ivy Plugin Moderate
CVE-2023-41938 was published for org.jenkins-ci.plugins:ivy (Maven) Sep 6, 2023
CSRF vulnerability in Jenkins Gearman Plugin Moderate
CVE-2019-1003082 was published for org.jenkins-ci.plugins:gearman-plugin (Maven) May 13, 2022
CSRF vulnerability in Jenkins SOASTA CloudTest Plugin Moderate
CVE-2019-1003090 was published for com.soasta.jenkins:cloudtest (Maven) May 13, 2022
CSRF vulnerability in Jenkins OpenShift Deployer Plugin Moderate
CVE-2019-1003080 was published for org.jenkins-ci.plugins:openshift-deployer (Maven) May 13, 2022
CSRF vulnerability in jenkins-reviewbot Plugin Moderate
CVE-2019-10278 was published for org.jenkins-ci.plugins:jenkins-reviewbot (Maven) May 13, 2022
CSRF vulnerability in Jenkins Audit to Database Plugin Moderate
CVE-2019-1003076 was published for org.jenkins-ci.plugins:audit2db (Maven) May 13, 2022
Jenkins Monitoring Plugin vulnerable to Denial of service vulnerability Moderate
CVE-2019-1003022 was published for org.jvnet.hudson.plugins:monitoring (Maven) May 13, 2022
CSRF vulnerability in Jenkins Netsparker Enterprise Scan Plugin Moderate
CVE-2019-10289 was published for org.jenkins-ci.plugins:netsparker-cloud-scan (Maven) May 13, 2022
CSRF vulnerability in Jenkins FTP publisher Plugin Moderate
CVE-2019-1003058 was published for org.jvnet.hudson.plugins:ftppublisher (Maven) May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database