GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
177 advisories
Cross-site request forgery vulnerability in Jenkins Bitbucket OAuth Plugin
Moderate | CVE-2023-24428 was published for org.jenkins-ci.plugins:bitbucket-oauth (Maven) | Jan 26, 2023
Jenkins Cross-Site Request Forgery vulnerabilities
Moderate | CVE-2013-2034 was published for org.jenkins-ci.main:jenkins-core (Maven) | May 17, 2022
Cross-Site Request Forgery in XXL Job
Moderate | CVE-2023-0674 was published for com.xuxueli:xxl-job (Maven) | Feb 4, 2023
Jenkins Cross-Site Request Forgery vulnerability
Moderate | CVE-2013-0327 was published for org.jenkins-ci.main:jenkins-core (Maven) | May 5, 2022
Jenkins Cross-Site Request Forgery vulnerability
Moderate | CVE-2013-0329 was published for org.jenkins-ci.main:jenkins-core (Maven) | May 5, 2022
apollo-portal has potential CSRF issue
Moderate | CVE-2023-25569 was published for com.ctrip.framework.apollo:apollo (Maven) | Feb 22, 2023
Jenkins Project Inheritance Plugin vulnerable to Cross-Site Request Forgery
Moderate | CVE-2019-10408 was published for hudson.plugins:project-inheritance (Maven) | May 24, 2022
OpenNMS Meridian and Horizon vulnerable to Cross-Site Request Forgery
Moderate | CVE-2023-0870 was published for org.opennms:opennms-webapp (Maven) | Mar 22, 2023
Jenkins OctoPerf Load Testing Plugin vulnerable to Cross-site Request Forgery
Moderate | CVE-2023-28671 was published for org.jenkinsci.plugins:octoperf (Maven) | Apr 2, 2023
Jenkins OctoPerf Load Testing Plugin vulnerable to Cross-site Request Forgery
Moderate | CVE-2023-28674 was published for org.jenkinsci.plugins:octoperf (Maven) | Apr 2, 2023
Jenkins Report Portal Plugin Cross-Site Request Forgery vulnerability
Moderate | CVE-2023-30525 was published for org.jenkins-ci.plugins:reportportal (Maven) | Apr 12, 2023
Cross-site request forgery vulnerability in Jenkins Nomad Plugin
Moderate | CVE-2019-1003092 was published for org.jenkins-ci.plugins:nomad (Maven) | May 13, 2022
Cross-Site Request Forgery in Apache Struts
Moderate | CVE-2012-4386 was published for org.apache.struts:struts2-core (Maven) | May 17, 2022
Apache Tomcat Example Application CSRF and XSS Vulnerabilities
Moderate | CVE-2007-4724 was published for org.apache.tomcat:tomcat (Maven) | May 1, 2022
Cross-Site Request Forgery in OpenNMS Horizon
Moderate | CVE-2021-25930 was published for org.opennms:opennms (Maven) | May 25, 2021
Jenkins Job Import Plugin vulnerable to exposure of sensitive information
Moderate | CVE-2019-1003016 was published for org.jenkins-ci.plugins:job-import-plugin (Maven) | May 13, 2022
Jenkins Ansible Tower Plugin cross-site request forgery vulnerability
Moderate | CVE-2019-10310 was published for org.jenkins-ci.plugins:ansible-tower (Maven) | May 24, 2022
Jenkins GitHub Authentication Plugin Cross-Site Request Forgery vulnerability
Moderate | CVE-2019-10315 was published for org.jenkins-ci.plugins:github-oauth (Maven) | May 24, 2022
Jenkins Artifactory Plugin cross-site request forgery vulnerability
Moderate | CVE-2019-10321 was published for org.jenkins-ci.plugins:artifactory (Maven) | May 24, 2022
Jenkins JX Resources Plugin cross-site request forgery vulnerability
Moderate | CVE-2019-10338 was published for org.jenkins-ci.plugins:jx-resources (Maven) | May 24, 2022
Jenkins ElectricFlow Plugin cross-site request forgery vulnerability
Moderate | CVE-2019-10331 was published for org.jenkins-ci.plugins:electricflow (Maven) | May 24, 2022
Jenkins JClouds Plugin cross-site request forgery vulnerability
Moderate | CVE-2019-10368 was published for org.jenkins-ci.plugins:jclouds-jenkins (Maven) | May 24, 2022
Jenkins Rundeck Plugin CSRF vulnerability
Moderate | CVE-2019-10454 was published for org.jenkins-ci.plugins:rundeck (Maven) | May 24, 2022
CSRF vulnerability in Jenkins Maven Cascade Release Plugin
Moderate | CVE-2020-2295 was published for com.barchart.jenkins:maven-release-cascade (Maven) | May 24, 2022
Cross-Site Request Forgery in the Jenkins Claim plugin
Moderate | CVE-2021-21620 was published for org.jenkins-ci.plugins:claim (Maven) | Jun 16, 2021