Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

177 advisories

Loading
Cross-site request forgery vulnerability in Jenkins Bitbucket OAuth Plugin Moderate
CVE-2023-24428 was published for org.jenkins-ci.plugins:bitbucket-oauth (Maven) Jan 26, 2023
Jenkins Cross-Site Request Forgery vulnerabilities Moderate
CVE-2013-2034 was published for org.jenkins-ci.main:jenkins-core (Maven) May 17, 2022
Cross-Site Request Forgery in XXL Job Moderate
CVE-2023-0674 was published for com.xuxueli:xxl-job (Maven) Feb 4, 2023
Jenkins Cross-Site Request Forgery vulnerability Moderate
CVE-2013-0327 was published for org.jenkins-ci.main:jenkins-core (Maven) May 5, 2022
Jenkins Cross-Site Request Forgery vulnerability Moderate
CVE-2013-0329 was published for org.jenkins-ci.main:jenkins-core (Maven) May 5, 2022
apollo-portal has potential CSRF issue Moderate
CVE-2023-25569 was published for com.ctrip.framework.apollo:apollo (Maven) Feb 22, 2023
Jenkins Project Inheritance Plugin vulnerable to Cross-Site Request Forgery Moderate
CVE-2019-10408 was published for hudson.plugins:project-inheritance (Maven) May 24, 2022
OpenNMS Meridian and Horizon vulnerable to Cross-Site Request Forgery Moderate
CVE-2023-0870 was published for org.opennms:opennms-webapp (Maven) Mar 22, 2023
Jenkins OctoPerf Load Testing Plugin vulnerable to Cross-site Request Forgery Moderate
CVE-2023-28671 was published for org.jenkinsci.plugins:octoperf (Maven) Apr 2, 2023
Jenkins OctoPerf Load Testing Plugin vulnerable to Cross-site Request Forgery Moderate
CVE-2023-28674 was published for org.jenkinsci.plugins:octoperf (Maven) Apr 2, 2023
Jenkins Report Portal Plugin Cross-Site Request Forgery vulnerability Moderate
CVE-2023-30525 was published for org.jenkins-ci.plugins:reportportal (Maven) Apr 12, 2023
Cross-site request forgery vulnerability in Jenkins Nomad Plugin Moderate
CVE-2019-1003092 was published for org.jenkins-ci.plugins:nomad (Maven) May 13, 2022
joshbressers
Cross-Site Request Forgery in Apache Struts Moderate
CVE-2012-4386 was published for org.apache.struts:struts2-core (Maven) May 17, 2022
Apache Tomcat Example Application CSRF and XSS Vulnerabilities Moderate
CVE-2007-4724 was published for org.apache.tomcat:tomcat (Maven) May 1, 2022
Cross-Site Request Forgery in OpenNMS Horizon Moderate
CVE-2021-25930 was published for org.opennms:opennms (Maven) May 25, 2021
Jenkins Job Import Plugin vulnerable to exposure of sensitive information Moderate
CVE-2019-1003016 was published for org.jenkins-ci.plugins:job-import-plugin (Maven) May 13, 2022
Jenkins Ansible Tower Plugin cross-site request forgery vulnerability Moderate
CVE-2019-10310 was published for org.jenkins-ci.plugins:ansible-tower (Maven) May 24, 2022
Jenkins GitHub Authentication Plugin Cross-Site Request Forgery vulnerability Moderate
CVE-2019-10315 was published for org.jenkins-ci.plugins:github-oauth (Maven) May 24, 2022
Jenkins Artifactory Plugin cross-site request forgery vulnerability Moderate
CVE-2019-10321 was published for org.jenkins-ci.plugins:artifactory (Maven) May 24, 2022
Jenkins JX Resources Plugin cross-site request forgery vulnerability Moderate
CVE-2019-10338 was published for org.jenkins-ci.plugins:jx-resources (Maven) May 24, 2022
Jenkins ElectricFlow Plugin cross-site request forgery vulnerability Moderate
CVE-2019-10331 was published for org.jenkins-ci.plugins:electricflow (Maven) May 24, 2022
Jenkins JClouds Plugin cross-site request forgery vulnerability Moderate
CVE-2019-10368 was published for org.jenkins-ci.plugins:jclouds-jenkins (Maven) May 24, 2022
Jenkins Rundeck Plugin CSRF vulnerability Moderate
CVE-2019-10454 was published for org.jenkins-ci.plugins:rundeck (Maven) May 24, 2022
CSRF vulnerability in Jenkins Maven Cascade Release Plugin Moderate
CVE-2020-2295 was published for com.barchart.jenkins:maven-release-cascade (Maven) May 24, 2022
NotMyFault
Cross-Site Request Forgery in the Jenkins Claim plugin Moderate
CVE-2021-21620 was published for org.jenkins-ci.plugins:claim (Maven) Jun 16, 2021
NotMyFault
ProTip! Advisories are also available from the GraphQL API