Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,958
Erlang
29
GitHub Actions
16
Go
1,745
Maven
4,971
npm
3,507
NuGet
609
pip
3,066
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+

177 advisories

BlazeMeter Jenkins plugin vulnerable to Cross-Site Request Forgery Moderate
CVE-2024-3825 was published for com.blazemeter.plugins:BlazeMeterJenkinsPlugin (Maven) Apr 17, 2024
XWiki Platform CSRF in the job scheduler Moderate
CVE-2024-31985 was published for org.xwiki.platform:xwiki-platform-scheduler-ui (Maven) Apr 10, 2024
Apache Zeppelin CSRF vulnerability in the Credentials page Moderate
CVE-2021-28656 was published for org.apache.zeppelin:zeppelin-web (Maven) Apr 9, 2024
Cross-Site Request Forgery in Apache Wicket Moderate
CVE-2024-27439 was published for org.apache.wicket:wicket (Maven) Mar 19, 2024
Jenkins docker-build-step Plugin Cross-Site Request Forgery vulnerability Moderate
CVE-2024-2215 was published for org.jenkins-ci.plugins:docker-build-step (Maven) Mar 6, 2024
Jenkins Subversion Partial Release Manager Plugin vulnerable to Cross-Site Request Forgery Moderate
CVE-2024-28158 was published for org.jenkins-ci.plugins:svn-partial-release-mgr (Maven) Mar 6, 2024
CSRF vulnerability in Jenkins GitLab Branch Source Plugin Moderate
CVE-2024-23902 was published for io.jenkins.plugins:gitlab-branch-source (Maven) Jan 24, 2024
Jenkins Nexus Platform Plugin Cross-Site Request Forgery vulnerability Moderate
CVE-2023-50768 was published for org.sonatype.nexus.ci:nexus-jenkins-plugin (Maven) Dec 13, 2023
Cross-site request forgery vulnerability in Jenkins Deployment Dashboard Plugin Moderate
CVE-2023-50775 was published for org.jenkins-ci.plugins:ec2-deployment-dashboard (Maven) Dec 13, 2023
Cross-Site Request Forgery in Jenkins PaaSLane Estimate Plugin Moderate
CVE-2023-50778 was published for com.cloudtp.jenkins:paaslane-estimate (Maven) Dec 13, 2023
Jenkins NeuVector Vulnerability Scanner Plugin Cross-Site Request Forgery vulnerability Moderate
CVE-2023-49673 was published for io.jenkins.plugins:neuvector-vulnerability-scanner (Maven) Nov 29, 2023
secjoker
Jenkins Build Failure Analyzer Plugin Cross-Site Request Forgery vulnerability Moderate
CVE-2023-43500 was published for com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer (Maven) Sep 20, 2023
Jenkins Build Failure Analyzer Plugin Cross-Site Request Forgery vulnerability Moderate
CVE-2023-43502 was published for com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer (Maven) Sep 20, 2023
CSRF vulnerability in Jenkins Ivy Plugin Moderate
CVE-2023-41938 was published for org.jenkins-ci.plugins:ivy (Maven) Sep 6, 2023
CSRF vulnerability in Jenkins AWS CodeCommit Trigger Plugin Moderate
CVE-2023-41942 was published for org.jenkins-ci.plugins:aws-codecommit-trigger (Maven) Sep 6, 2023
Jenkins Fortify Plugin cross-site request forgery vulnerability Moderate
CVE-2023-4301 was published for org.jenkins-ci.plugins:fortify (Maven) Aug 22, 2023
Jenkins Blue Ocean Plugin cross-site request forgery vulnerability Moderate
CVE-2023-40341 was published for io.jenkins.blueocean:blueocean (Maven) Aug 16, 2023
Jenkins Favorite View Plugin cross-site request forgery vulnerability Moderate
CVE-2023-40351 was published for org.jenkins-ci.plugins:favorite-view (Maven) Aug 16, 2023
Jenkins Folders Plugin cross-site request forgery vulnerability Moderate
CVE-2023-40337 was published for org.jenkins-ci.plugins:cloudbees-folder (Maven) Aug 16, 2023
Credential leakage in Jenkins Plug-in for ServiceNow Moderate
CVE-2023-3414 was published for io.jenkins.plugins:servicenow-devops (Maven) Jul 26, 2023
CSRF vulnerability in Bazaar Plugin Moderate
CVE-2023-39156 was published for org.jenkins-ci.plugins:bazaar (Maven) Jul 26, 2023
CSRF vulnerability in GitLab Authentication Plugin Moderate
CVE-2023-39153 was published for org.jenkins-ci.plugins:gitlab-oauth (Maven) Jul 26, 2023
Jenkins Test Results Aggregator Plugin vulnerable to Cross Site Request Forgery Moderate
CVE-2023-37955 was published for org.jenkins-ci.plugins:test-results-aggregator (Maven) Jul 12, 2023
Jenkins Rebuilder Plugin vulnerable to Cross Site Request Forgery Moderate
CVE-2023-37954 was published for com.sonyericsson.hudson.plugins.rebuild:rebuild (Maven) Jul 12, 2023
Jenkins mabl Plugin vulnerable to cross-site request forgery Moderate
CVE-2023-37952 was published for com.mabl.integration.jenkins:mabl-integration (Maven) Jul 12, 2023
ProTip! Advisories are also available from the GraphQL API