GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
177 advisories
Filter by severity
CSRF vulnerability in Jenkins Security Inspector plugin
Moderate
CVE-2022-41236
was published
for
org.jenkins-ci.plugins:security-inspector
(Maven)
Sep 22, 2022
Jenkins NS-ND Integration Performance Publisher Plugin vulnerable to Cross-Site Request Forgery
Moderate
CVE-2022-41227
was published
for
io.jenkins.plugins:cavisson-ns-nd-integration
(Maven)
Sep 22, 2022
CSRF vulnerability in Jenkins Worksoft Execution Manager Plugin allows capturing credentials
Moderate
CVE-2022-41245
was published
for
org.jenkins-ci.plugins:ws-execution-manager
(Maven)
Sep 22, 2022
CSRF vulnerability in Jenkins CONS3RT Plugin allow capturing credentials
Moderate
CVE-2022-41253
was published
for
org.jenkins-ci.plugins:cons3rt
(Maven)
Sep 22, 2022
Jenkins SCM HttpClient Plugin vulnerable to Cross-Site Request Forgery
Moderate
CVE-2022-41249
was published
for
com.meowlomo.jenkins:scm-httpclient
(Maven)
Sep 22, 2022
XWiki Cross-Site Request Forgery (CSRF) for actions on tags
Moderate
CVE-2022-36095
was published
for
org.xwiki.platform:xwiki-platform-web-templates
(Maven)
Sep 16, 2022
Apache JSPWiki CSRF due to crafted request on UserPreferences.jsp
Moderate
CVE-2022-28731
was published
for
org.apache.jspwiki:jspwiki-main
(Maven)
Aug 5, 2022
External Monitor Job Type Plugin does not require POST requests for an HTTP endpoint
Moderate
CVE-2022-36886
was published
for
org.jenkins-ci.plugins:external-monitor-job
(Maven)
Jul 28, 2022
Jenkins Job Configuration History Plugin does not require POST requests for several HTTP endpoints
Moderate
CVE-2022-36887
was published
for
org.jenkins-ci.plugins:jobConfigHistory
(Maven)
Jul 28, 2022
Lack of authentication mechanism in Jenkins Git Plugin webhook
Moderate
CVE-2022-36882
was published
for
org.jenkins-ci.plugins:git
(Maven)
Jul 28, 2022
CSRF vulnerability in Jenkins openstack-heat Plugin
Moderate
CVE-2022-36911
was published
for
org.jenkins-ci.plugins:openstack-heat
(Maven)
Jul 28, 2022
CSRF vulnerability in Jenkins Google Cloud Backup Plugin
Moderate
CVE-2022-36916
was published
for
org.jenkins-ci.plugins:google-cloud-backup
(Maven)
Jul 28, 2022
CSRF vulnerability in Jenkins OpenShift Deployer Plugin
Moderate
CVE-2022-36906
was published
for
org.jenkins-ci.plugins:openshift-deployer
(Maven)
Jul 28, 2022
CSRF vulnerability in Jenkins OpenShift Deployer Plugin
Moderate
CVE-2022-36908
was published
for
org.jenkins-ci.plugins:openshift-deployer
(Maven)
Jul 28, 2022
Cross-Site Request Forgery in Jenkins XPath Configuration Viewer Plugin
Moderate
CVE-2022-34812
was published
for
org.jenkins-ci.plugins:xpath-config-viewer
(Maven)
Jul 1, 2022
Cross-Site Request Forgery in Jenkins Failed Job Deactivator Plugin
Moderate
CVE-2022-34817
was published
for
de.einsundeins.jenkins.plugins.failedjobdeactivator:failedJobDeactivator
(Maven)
Jul 1, 2022
Cross-Site Request Forgery in Jenkins Request Rename Or Delete Plugin
Moderate
CVE-2022-34815
was published
for
org.jenkins-ci.plugins:rrod
(Maven)
Jul 1, 2022
Jenkins Matrix Reloaded Plugin vulnerable to CSRF
Moderate
CVE-2022-34789
was published
for
net.praqma:matrix-reloaded
(Maven)
Jul 1, 2022
Cross-Site Request Forgery in Jenkins Deployment Dashboard Plugin
Moderate
CVE-2022-34797
was published
for
org.jenkins-ci.plugins:ec2-deployment-dashboard
(Maven)
Jul 1, 2022
CSRF vulnerability in Jenkins XebiaLabs XL Release Plugin allow capturing credentials
Moderate
CVE-2022-34780
was published
for
com.xebialabs.ci:xlrelease-plugin
(Maven)
Jul 1, 2022
Cross-Site Request Forgery in Jenkins Jianliao Notification Plugin
Moderate
CVE-2022-34205
was published
for
org.jenkins-ci.plugins:jianliao
(Maven)
Jun 24, 2022
Cross-Site Request Forgery in Jenkins Beaker builder Plugin
Moderate
CVE-2022-34207
was published
for
org.jenkins-ci.plugins:beaker-builder
(Maven)
Jun 24, 2022
Cross-Site Request Forgery in Jenkins ThreadFix Plugin
Moderate
CVE-2022-34209
was published
for
org.jenkins-ci.plugins:threadfix
(Maven)
Jun 24, 2022
Cross-Site Request Forgery in Jenkins vRealize Orchestrator Plugin
Moderate
CVE-2022-34211
was published
for
org.jenkins-ci.plugins:vmware-vrealize-orchestrator
(Maven)
Jun 24, 2022
Cross-Site Request Forgery in Jenkins EasyQA Plugin
Moderate
CVE-2022-34203
was published
for
com.geteasyqa:easyqa
(Maven)
Jun 24, 2022
ProTip!
Advisories are also available from the
GraphQL API