Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,299
Erlang
31
GitHub Actions
21
Go
2,064
Maven
5,000+
npm
3,744
NuGet
668
pip
3,424
Pub
12
RubyGems
892
Rust
877
Swift
36
Unreviewed advisories
All unreviewed
5,000+

353 advisories

Loading
Jenkins Build Failure Analyzer Plugin Cross-Site Request Forgery vulnerability Moderate
CVE-2023-43500 was published for com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer (Maven) Sep 20, 2023
Jenkins Build Failure Analyzer Plugin Cross-Site Request Forgery vulnerability Moderate
CVE-2023-43502 was published for com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer (Maven) Sep 20, 2023
CSRF vulnerability in Jenkins AWS CodeCommit Trigger Plugin Moderate
CVE-2023-41942 was published for org.jenkins-ci.plugins:aws-codecommit-trigger (Maven) Sep 6, 2023
CSRF vulnerability in Jenkins Ivy Plugin Moderate
CVE-2023-41938 was published for org.jenkins-ci.plugins:ivy (Maven) Sep 6, 2023
Jenkins Fortify Plugin cross-site request forgery vulnerability Moderate
CVE-2023-4301 was published for org.jenkins-ci.plugins:fortify (Maven) Aug 22, 2023
Wallabag user can reset data unintentionally Moderate
CVE-2023-4454 was published for wallabag/wallabag (Composer) Aug 21, 2023
Wallabag user can delete own API client unintentionally Moderate
CVE-2023-4455 was published for wallabag/wallabag (Composer) Aug 21, 2023
Duplicate Advisory: Wallabag user can delete own API client unintentionally Moderate
GHSA-gvvx-fc6p-2h9x was published for wallabag/wallabag (Composer) Aug 21, 2023 withdrawn
Duplicate Advisory: Wallabag user can reset data unintentionally Moderate
GHSA-rwpg-4c4c-v3r4 was published for wallabag/wallabag (Composer) Aug 21, 2023 withdrawn
Jenkins Blue Ocean Plugin cross-site request forgery vulnerability Moderate
CVE-2023-40341 was published for io.jenkins.blueocean:blueocean (Maven) Aug 16, 2023
Jenkins Favorite View Plugin cross-site request forgery vulnerability Moderate
CVE-2023-40351 was published for org.jenkins-ci.plugins:favorite-view (Maven) Aug 16, 2023
Jenkins Folders Plugin cross-site request forgery vulnerability Moderate
CVE-2023-40337 was published for org.jenkins-ci.plugins:cloudbees-folder (Maven) Aug 16, 2023
Credential leakage in Jenkins Plug-in for ServiceNow Moderate
CVE-2023-3414 was published for io.jenkins.plugins:servicenow-devops (Maven) Jul 26, 2023
CSRF vulnerability in GitLab Authentication Plugin Moderate
CVE-2023-39153 was published for org.jenkins-ci.plugins:gitlab-oauth (Maven) Jul 26, 2023
CSRF vulnerability in Bazaar Plugin Moderate
CVE-2023-39156 was published for org.jenkins-ci.plugins:bazaar (Maven) Jul 26, 2023
Jenkins Rebuilder Plugin vulnerable to Cross Site Request Forgery Moderate
CVE-2023-37954 was published for com.sonyericsson.hudson.plugins.rebuild:rebuild (Maven) Jul 12, 2023
Jenkins mabl Plugin vulnerable to cross-site request forgery Moderate
CVE-2023-37952 was published for com.mabl.integration.jenkins:mabl-integration (Maven) Jul 12, 2023
Jenkins Test Results Aggregator Plugin vulnerable to Cross Site Request Forgery Moderate
CVE-2023-37955 was published for org.jenkins-ci.plugins:test-results-aggregator (Maven) Jul 12, 2023
Casdoor Cross-Site Request Forgery vulnerability Moderate
CVE-2023-34927 was published for github.com/casdoor/casdoor (Go) Jun 22, 2023
Jenkins Digital.ai App Management Publisher Plugin vulnerable to Cross-Site Request Forgery Moderate
CVE-2023-35148 was published for org.jenkins-ci.plugins:ease-plugin (Maven) Jun 14, 2023
Jenkins Code Dx Plugin cross-site request forgery vulnerability Moderate
CVE-2023-2195 was published for org.jenkins-ci.plugins:codedx (Maven) May 16, 2023
Jenkins Tag Profiler Plugin vulnerable to Cross-Site Request Forgery Moderate
CVE-2023-33003 was published for org.jenkins-ci.plugins:tag-profiler (Maven) May 16, 2023
Jenkins WSO2 Oauth Plugin cross-site request forgery vulnerability Moderate
CVE-2023-33006 was published for org.jenkins-ci.plugins:wso2id-oauth (Maven) May 16, 2023
Jenkins LDAP Plugin vulnerable to Cross-Site Request Forgery Moderate
CVE-2023-32978 was published for org.jenkins-ci.plugins:ldap (Maven) May 16, 2023
Jenkins Azure VM Agents Plugin Cross-site Request Forgery vulnerability Moderate
CVE-2023-32989 was published for org.jenkins-ci.plugins:azure-vm-agents (Maven) May 16, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database