GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
143 advisories
Filter by severity
OpenRefine's PreviewExpressionCommand, which is eval, lacks protection against cross-site request forgery (CSRF)
High
CVE-2024-47879
was published
for
org.openrefine:main
(Maven)
Oct 24, 2024
Selenium Server (Grid) CSRF
High
CVE-2022-28108
was published
for
org.seleniumhq.selenium:selenium-grid
(Maven)
Apr 20, 2022
CSRF vulnerability and missing permission check in Jenkins JiraTestResultReporter Plugin
High
CVE-2022-28136
was published
for
org.jenkins-ci.plugins:JiraTestResultReporter
(Maven)
Mar 30, 2022
High severity vulnerability that affects io.vertx:vertx-web
High
CVE-2018-12540
was published
for
io.vertx:vertx-web
(Maven)
Oct 17, 2018
Cross-Site Request Forgery in Jenkins
High
CVE-2020-2160
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 24, 2022
Cross-Site Request Forgery in Jenkins
High
CVE-2017-1000504
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 14, 2022
Cloud Foundry Runtime Cross-Site Request Forgery vulnerability
High
CVE-2015-5170
was published
for
org.cloudfoundry.identity:cloudfoundry-identity-server
(Maven)
May 13, 2022
Cross-site request forgery vulnerability in Jenkins XL TestView Plugin
High
CVE-2019-10386
was published
for
com.xebialabs.xlt.ci:xltestview-plugin
(Maven)
May 24, 2022
CSRF vulnerability in Jenkins Release plugin
High
CVE-2018-1000013
was published
for
org.jenkins-ci.plugins:release
(Maven)
May 14, 2022
CSRF vulnerability in Jenkins Translation Assistance plugin
High
CVE-2018-1000014
was published
for
org.jenkins-ci.plugins:translation
(Maven)
May 14, 2022
CSRF vulnerability in Jenkins Role-based Authorization Strategy Plugin configuration
High
CVE-2017-1000090
was published
for
org.jenkins-ci.plugins:role-strategy
(Maven)
May 17, 2022
Sandbox Bypass via CSRF in Jenkins Warnings Plugin
High
CVE-2019-1003007
was published
for
org.jvnet.hudson.plugins:warnings
(Maven)
May 13, 2022
Cross-site request forgery vulnerability in Jenkins WebSphere Deployer Plugin
High
CVE-2019-16560
was published
for
org.jenkins-ci.plugins:websphere-deployer
(Maven)
May 24, 2022
Jenkins Slack Notification Plugin CSRF vulnerability and missing permission checks
High
CVE-2019-1003044
was published
for
org.jenkins-ci.plugins:slack
(Maven)
May 13, 2022
Cross-Site Request Forgery in Jenkins Azure Credentials Plugin
High
CVE-2023-25767
was published
for
org.jenkins-ci.plugins:azure-credentials
(Maven)
Feb 15, 2023
Jenkins Pipeline: Stage View Plugin allows CSRF protection bypass of any target URL in Jenkins
High
CVE-2022-43408
was published
for
org.jenkins-ci.plugins.pipeline-stage-view:pipeline-stage-view
(Maven)
Oct 19, 2022
Cross-Site Request Forgery in Jenkins Mailer Plugin
High
CVE-2018-8718
was published
for
org.jenkins-ci.plugins:mailer
(Maven)
May 14, 2022
Apache Struts CSRF Vulnerability
High
CVE-2016-4430
was published
for
org.apache.struts.xwork:xwork-core
(Maven)
May 17, 2022
Cross-Site Request Forgery in Jenkins Bitbucket Branch Source Plugin
High
CVE-2022-20619
was published
for
org.jenkins-ci.plugins:cloudbees-bitbucket-branch-source
(Maven)
Jan 13, 2022
Jenkins Libvirt Slaves Plugin vlnerable to Cross-Site Request Forgery
High
CVE-2019-10471
was published
for
org.jenkins-ci.plugins:libvirt-slave
(Maven)
May 24, 2022
Cross-Site Request Forgery in Apache CXF Fediz
High
CVE-2017-7662
was published
for
org.apache.cxf.fediz:fediz-oidc
(Maven)
May 13, 2022
CSRF vulnerability in Jenkins Libvirt Agents Plugin
High
CVE-2021-21627
was published
for
org.jenkins-ci.plugins:libvirt-slave
(Maven)
May 24, 2022
Cross-Site Request Forgery in Jenkins
High
CVE-2019-10384
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 24, 2022
CSRF vulnerability in Jenkins Configuration Slicing Plugin
High
CVE-2021-21617
was published
for
org.jenkins-ci.plugins:configurationslicing
(Maven)
May 24, 2022
Cross-Site Request Forgery in Jenkins Build Failure Analyzer Plugin
High
CVE-2019-16553
was published
for
com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer
(Maven)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API