GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,967
Erlang
29
GitHub Actions
16
Go
1,748
Maven
4,978
npm
3,509
NuGet
609
pip
3,075
Pub
10
RubyGems
832
Rust
781
Swift
34
Unreviewed advisories
All unreviewed
5,000+
177 advisories
Filter by severity
Jenkins SaltStack Plugin allows attackers to capture credentials with a known credentials ID stored in Jenkins
Moderate
CVE-2018-1999027
was published
for
org.jenkins-ci.plugins:saltstack
(Maven)
May 14, 2022
Cross-Site Request Forgery in Jenkins Git Plugin
Moderate
CVE-2019-1003010
was published
for
org.jenkins-ci.plugins:git
(Maven)
May 14, 2022
Cross-Site Request Forgery in Jenkins
Moderate
CVE-2017-2613
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 13, 2022
Cross-Site Request Forgery in Jenkins Blue Ocean Plugin
Moderate
CVE-2019-1003012
was published
for
io.jenkins.blueocean:blueocean
(Maven)
May 13, 2022
Jenkins Job Import Plugin CSRF vulnerability
Moderate
CVE-2019-1003017
was published
for
org.jenkins-ci.plugins:job-import-plugin
(Maven)
May 13, 2022
Jenkins Monitoring Plugin vulnerable to Denial of service vulnerability
Moderate
CVE-2019-1003022
was published
for
org.jvnet.hudson.plugins:monitoring
(Maven)
May 13, 2022
Jenkins Job Import Plugin vulnerable to exposure of sensitive information
Moderate
CVE-2019-1003016
was published
for
org.jenkins-ci.plugins:job-import-plugin
(Maven)
May 13, 2022
CSRF vulnerability in Jenkins Nomad Plugin allow SSRF
Moderate
CVE-2019-10292
was published
for
org.jenkins-ci.plugins:kmap-jenkins
(Maven)
May 13, 2022
CSRF vulnerability in jenkins-reviewbot Plugin
Moderate
CVE-2019-10278
was published
for
org.jenkins-ci.plugins:jenkins-reviewbot
(Maven)
May 13, 2022
CSRF vulnerability in Jenkins Netsparker Enterprise Scan Plugin
Moderate
CVE-2019-10289
was published
for
org.jenkins-ci.plugins:netsparker-cloud-scan
(Maven)
May 13, 2022
Jenkins Fortify on Demand Uploader Plugin CSRF vulnerability
Moderate
CVE-2019-1003046
was published
for
org.jenkins-ci.plugins:fortify-on-demand-uploader
(Maven)
May 13, 2022
CSRF vulnerability in Jenkins OpenShift Deployer Plugin
Moderate
CVE-2019-1003080
was published
for
org.jenkins-ci.plugins:openshift-deployer
(Maven)
May 13, 2022
CSRF vulnerability in Jenkins Audit to Database Plugin
Moderate
CVE-2019-1003076
was published
for
org.jenkins-ci.plugins:audit2db
(Maven)
May 13, 2022
CSRF vulnerability in Jenkins FTP publisher Plugin
Moderate
CVE-2019-1003058
was published
for
org.jvnet.hudson.plugins:ftppublisher
(Maven)
May 13, 2022
Jenkins VMware Lab Manager Slaves Plugin vulnerable CSRF vulnerability
Moderate
CVE-2019-1003078
was published
for
org.jenkins-ci.plugins:labmanager
(Maven)
May 13, 2022
CSRF vulnerability in Zephyr Enterprise Test Management Plugin
Moderate
CVE-2019-1003084
was published
for
org.jenkins-ci.plugins:zephyr-enterprise-test-management
(Maven)
May 13, 2022
CSRF vulnerability in Jenkins sinatra-chef-builder Plugin
Moderate
CVE-2019-1003086
was published
for
org.jenkins-ci.plugins:sinatra-chef-builder
(Maven)
May 13, 2022
CSRF vulnerability in Jenkins Gearman Plugin
Moderate
CVE-2019-1003082
was published
for
org.jenkins-ci.plugins:gearman-plugin
(Maven)
May 13, 2022
Cross-site request forgery vulnerability in Jenkins Nomad Plugin
Moderate
CVE-2019-1003092
was published
for
org.jenkins-ci.plugins:nomad
(Maven)
May 13, 2022
Jenkins OpenID Plugin CSRF vulnerability
Moderate
CVE-2019-1003098
was published
for
org.jenkins-ci.plugins:openid
(Maven)
May 13, 2022
CSRF vulnerability in Jenkins SOASTA CloudTest Plugin
Moderate
CVE-2019-1003090
was published
for
com.soasta.jenkins:cloudtest
(Maven)
May 13, 2022
Cross-Site Request Forgery in Spring Framework
Moderate
CVE-2013-6429
was published
for
org.springframework:spring-web
(Maven)
May 13, 2022
Cross-Site Request Forgery in Spring Framework
Moderate
CVE-2013-4152
was published
for
org.springframework:spring-oxm
(Maven)
May 13, 2022
Cross-Site Request Forgery in Spring Framework
Moderate
CVE-2014-0054
was published
for
org.springframework:spring-webmvc
(Maven)
May 13, 2022
Cross-Site Request Forgery in Jenkins
Moderate
CVE-2018-1000195
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API