GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,097
Erlang: 29
GitHub Actions: 19
Go: 1,925
Maven: 5,000+
npm: 3,656
NuGet: 638
pip: 3,264
Pub: 10
RubyGems: 873
Rust: 823
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
141 advisories
High severity vulnerability that affects io.vertx:vertx-web
High
CVE-2018-12540 was published for io.vertx:vertx-web (Maven) Oct 17, 2018
Cross-Site Request Forgery in Jenkins
High
CVE-2020-2160 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
Cross-Site Request Forgery in Jenkins
High
CVE-2017-1000504 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
Cloud Foundry Runtime Cross-Site Request Forgery vulnerability
High
CVE-2015-5170 was published for org.cloudfoundry.identity:cloudfoundry-identity-server (Maven) May 13, 2022
Cross-site request forgery vulnerability in Jenkins XL TestView Plugin
High
CVE-2019-10386 was published for com.xebialabs.xlt.ci:xltestview-plugin (Maven) May 24, 2022
CSRF vulnerability in Jenkins Release plugin
High
CVE-2018-1000013 was published for org.jenkins-ci.plugins:release (Maven) May 14, 2022
CSRF vulnerability in Jenkins Translation Assistance plugin
High
CVE-2018-1000014 was published for org.jenkins-ci.plugins:translation (Maven) May 14, 2022
CSRF vulnerability in Jenkins Role-based Authorization Strategy Plugin configuration
High
CVE-2017-1000090 was published for org.jenkins-ci.plugins:role-strategy (Maven) May 17, 2022
Sandbox Bypass via CSRF in Jenkins Warnings Plugin
High
CVE-2019-1003007 was published for org.jvnet.hudson.plugins:warnings (Maven) May 13, 2022
Cross-site request forgery vulnerability in Jenkins WebSphere Deployer Plugin
High
CVE-2019-16560 was published for org.jenkins-ci.plugins:websphere-deployer (Maven) May 24, 2022
Jenkins Slack Notification Plugin CSRF vulnerability and missing permission checks
High
CVE-2019-1003044 was published for org.jenkins-ci.plugins:slack (Maven) May 13, 2022
Cross-Site Request Forgery in Jenkins Azure Credentials Plugin
High
CVE-2023-25767 was published for org.jenkins-ci.plugins:azure-credentials (Maven) Feb 15, 2023
Jenkins Pipeline: Stage View Plugin allows CSRF protection bypass of any target URL in Jenkins
High
CVE-2022-43408 was published for org.jenkins-ci.plugins.pipeline-stage-view:pipeline-stage-view (Maven) Oct 19, 2022
Cross-Site Request Forgery in Jenkins Mailer Plugin
High
CVE-2018-8718 was published for org.jenkins-ci.plugins:mailer (Maven) May 14, 2022
Apache Struts CSRF Vulnerability
High
CVE-2016-4430 was published for org.apache.struts.xwork:xwork-core (Maven) May 17, 2022
Cross-Site Request Forgery in Jenkins Bitbucket Branch Source Plugin
High
CVE-2022-20619 was published for org.jenkins-ci.plugins:cloudbees-bitbucket-branch-source (Maven) Jan 13, 2022
Jenkins Libvirt Slaves Plugin vulnerable to Cross-Site Request Forgery
High
CVE-2019-10471 was published for org.jenkins-ci.plugins:libvirt-slave (Maven) May 24, 2022
Cross-Site Request Forgery in Apache CXF Fediz
High
CVE-2017-7662 was published for org.apache.cxf.fediz:fediz-oidc (Maven) May 13, 2022
CSRF vulnerability in Jenkins Libvirt Agents Plugin
High
CVE-2021-21627 was published for org.jenkins-ci.plugins:libvirt-slave (Maven) May 24, 2022
Cross-Site Request Forgery in Jenkins
High
CVE-2019-10384 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
CSRF vulnerability in Jenkins Configuration Slicing Plugin
High
CVE-2021-21617 was published for org.jenkins-ci.plugins:configurationslicing (Maven) May 24, 2022
Cross-Site Request Forgery in Jenkins Build Failure Analyzer Plugin
High
CVE-2019-16553 was published for com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer (Maven) May 24, 2022
Cross-Site Request Forgery in Jenkins Gerrit Trigger Plugin
High
CVE-2019-16551 was published for com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger (Maven) May 24, 2022
Jenkins Docker Plugin contains Cross-Site Request Forgery
High
CVE-2019-10340 was published for io.jenkins.docker:docker-plugin (Maven) May 24, 2022
CSRF vulnerability in Jenkins Build With Parameters Plugin
High
CVE-2021-21629 was published for org.jenkins-ci.plugins:build-with-parameters (Maven) May 24, 2022
ProTip! Advisories are also available from the GraphQL API