Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,967
Erlang
29
GitHub Actions
16
Go
1,748
Maven
4,978
npm
3,509
NuGet
609
pip
3,075
Pub
10
RubyGems
832
Rust
781
Swift
34
Unreviewed advisories
All unreviewed
5,000+

177 advisories

Loading
Jenkins SaltStack Plugin allows attackers to capture credentials with a known credentials ID stored in Jenkins Moderate
CVE-2018-1999027 was published for org.jenkins-ci.plugins:saltstack (Maven) May 14, 2022
Cross-Site Request Forgery in Jenkins Git Plugin Moderate
CVE-2019-1003010 was published for org.jenkins-ci.plugins:git (Maven) May 14, 2022
Cross-Site Request Forgery in Jenkins Moderate
CVE-2017-2613 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
Cross-Site Request Forgery in Jenkins Blue Ocean Plugin Moderate
CVE-2019-1003012 was published for io.jenkins.blueocean:blueocean (Maven) May 13, 2022
Jenkins Job Import Plugin CSRF vulnerability Moderate
CVE-2019-1003017 was published for org.jenkins-ci.plugins:job-import-plugin (Maven) May 13, 2022
Jenkins Monitoring Plugin vulnerable to Denial of service vulnerability Moderate
CVE-2019-1003022 was published for org.jvnet.hudson.plugins:monitoring (Maven) May 13, 2022
Jenkins Job Import Plugin vulnerable to exposure of sensitive information Moderate
CVE-2019-1003016 was published for org.jenkins-ci.plugins:job-import-plugin (Maven) May 13, 2022
CSRF vulnerability in Jenkins Nomad Plugin allow SSRF Moderate
CVE-2019-10292 was published for org.jenkins-ci.plugins:kmap-jenkins (Maven) May 13, 2022
CSRF vulnerability in jenkins-reviewbot Plugin Moderate
CVE-2019-10278 was published for org.jenkins-ci.plugins:jenkins-reviewbot (Maven) May 13, 2022
CSRF vulnerability in Jenkins Netsparker Enterprise Scan Plugin Moderate
CVE-2019-10289 was published for org.jenkins-ci.plugins:netsparker-cloud-scan (Maven) May 13, 2022
Jenkins Fortify on Demand Uploader Plugin CSRF vulnerability Moderate
CVE-2019-1003046 was published for org.jenkins-ci.plugins:fortify-on-demand-uploader (Maven) May 13, 2022
CSRF vulnerability in Jenkins OpenShift Deployer Plugin Moderate
CVE-2019-1003080 was published for org.jenkins-ci.plugins:openshift-deployer (Maven) May 13, 2022
CSRF vulnerability in Jenkins Audit to Database Plugin Moderate
CVE-2019-1003076 was published for org.jenkins-ci.plugins:audit2db (Maven) May 13, 2022
CSRF vulnerability in Jenkins FTP publisher Plugin Moderate
CVE-2019-1003058 was published for org.jvnet.hudson.plugins:ftppublisher (Maven) May 13, 2022
Jenkins VMware Lab Manager Slaves Plugin vulnerable CSRF vulnerability Moderate
CVE-2019-1003078 was published for org.jenkins-ci.plugins:labmanager (Maven) May 13, 2022
CSRF vulnerability in Zephyr Enterprise Test Management Plugin Moderate
CVE-2019-1003084 was published for org.jenkins-ci.plugins:zephyr-enterprise-test-management (Maven) May 13, 2022
CSRF vulnerability in Jenkins sinatra-chef-builder Plugin Moderate
CVE-2019-1003086 was published for org.jenkins-ci.plugins:sinatra-chef-builder (Maven) May 13, 2022
CSRF vulnerability in Jenkins Gearman Plugin Moderate
CVE-2019-1003082 was published for org.jenkins-ci.plugins:gearman-plugin (Maven) May 13, 2022
Cross-site request forgery vulnerability in Jenkins Nomad Plugin Moderate
CVE-2019-1003092 was published for org.jenkins-ci.plugins:nomad (Maven) May 13, 2022
joshbressers
Jenkins OpenID Plugin CSRF vulnerability Moderate
CVE-2019-1003098 was published for org.jenkins-ci.plugins:openid (Maven) May 13, 2022
CSRF vulnerability in Jenkins SOASTA CloudTest Plugin Moderate
CVE-2019-1003090 was published for com.soasta.jenkins:cloudtest (Maven) May 13, 2022
Cross-Site Request Forgery in Spring Framework Moderate
CVE-2013-6429 was published for org.springframework:spring-web (Maven) May 13, 2022
sunSUNQ
Cross-Site Request Forgery in Spring Framework Moderate
CVE-2013-4152 was published for org.springframework:spring-oxm (Maven) May 13, 2022
sunSUNQ
Cross-Site Request Forgery in Spring Framework Moderate
CVE-2014-0054 was published for org.springframework:spring-webmvc (Maven) May 13, 2022
sunSUNQ
Cross-Site Request Forgery in Jenkins Moderate
CVE-2018-1000195 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
ProTip! Advisories are also available from the GraphQL API