Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

335 advisories

Loading
Jenkins Favorite View Plugin cross-site request forgery vulnerability Moderate
CVE-2023-40351 was published for org.jenkins-ci.plugins:favorite-view (Maven) Aug 16, 2023
Jenkins Folders Plugin cross-site request forgery vulnerability Moderate
CVE-2023-40337 was published for org.jenkins-ci.plugins:cloudbees-folder (Maven) Aug 16, 2023
Jenkins Folders Plugin cross-site request forgery vulnerability High
CVE-2023-40336 was published for org.jenkins-ci.plugins:cloudbees-folder (Maven) Aug 16, 2023
xuxueli xxl-job Cross-Site Request Forgery Vulnerability High
CVE-2020-24922 was published for com.xuxueli:xxl-job (Maven) Aug 11, 2023
Credential leakage in Jenkins Plug-in for ServiceNow Moderate
CVE-2023-3414 was published for io.jenkins.plugins:servicenow-devops (Maven) Jul 26, 2023
CSRF vulnerability in GitLab Authentication Plugin Moderate
CVE-2023-39153 was published for org.jenkins-ci.plugins:gitlab-oauth (Maven) Jul 26, 2023
CSRF vulnerability in Bazaar Plugin Moderate
CVE-2023-39156 was published for org.jenkins-ci.plugins:bazaar (Maven) Jul 26, 2023
Jenkins Sumologic Publisher Plugin vulnerable to cross-site request forgery High
CVE-2023-37958 was published for org.jenkins-ci.plugins:sumologic-publisher (Maven) Jul 12, 2023
Jenkins Assembla Auth Plugin vulnerable to cross-site request forgery High
CVE-2023-37961 was published for org.jenkins-ci.plugins:assembla-auth (Maven) Jul 12, 2023
Jenkins Benchmark Evaluator Plugin vulnerable to cross-site request forgery High
CVE-2023-37962 was published for io.jenkins.plugins:benchmark-evaluator (Maven) Jul 12, 2023
Jenkins ElasticBox CI Plugin vulnerable to cross-site request forgery High
CVE-2023-37964 was published for org.jenkins-ci.plugins:elasticbox (Maven) Jul 12, 2023
Jenkins Pipeline restFul API Plugin vulnerable to Cross Site Request Forgery High
CVE-2023-37957 was published for io.jenkins.plugins:pipeline-restful-api (Maven) Jul 12, 2023
Jenkins mabl Plugin vulnerable to cross-site request forgery Moderate
CVE-2023-37952 was published for com.mabl.integration.jenkins:mabl-integration (Maven) Jul 12, 2023
Jenkins Rebuilder Plugin vulnerable to Cross Site Request Forgery Moderate
CVE-2023-37954 was published for com.sonyericsson.hudson.plugins.rebuild:rebuild (Maven) Jul 12, 2023
Jenkins Test Results Aggregator Plugin vulnerable to Cross Site Request Forgery Moderate
CVE-2023-37955 was published for org.jenkins-ci.plugins:test-results-aggregator (Maven) Jul 12, 2023
XWiki Platform vulnerable to cross-site request forgery (CSRF) via the REST API Critical
CVE-2023-37277 was published for com.xpn.xwiki.platform:xwiki-core-rest-server (Maven) Jul 10, 2023
Jenkins CSRF protection bypass vulnerability High
CVE-2023-35141 was published for org.jenkins-ci.main:jenkins-core (Maven) Jun 14, 2023
Jenkins Digital.ai App Management Publisher Plugin vulnerable to Cross-Site Request Forgery Moderate
CVE-2023-35148 was published for org.jenkins-ci.plugins:ease-plugin (Maven) Jun 14, 2023
Jenkins Code Dx Plugin cross-site request forgery vulnerability Moderate
CVE-2023-2195 was published for org.jenkins-ci.plugins:codedx (Maven) May 16, 2023
Jenkins Tag Profiler Plugin vulnerable to Cross-Site Request Forgery Moderate
CVE-2023-33003 was published for org.jenkins-ci.plugins:tag-profiler (Maven) May 16, 2023
Jenkins WSO2 Oauth Plugin cross-site request forgery vulnerability Moderate
CVE-2023-33006 was published for org.jenkins-ci.plugins:wso2id-oauth (Maven) May 16, 2023
Jenkins LDAP Plugin vulnerable to Cross-Site Request Forgery Moderate
CVE-2023-32978 was published for org.jenkins-ci.plugins:ldap (Maven) May 16, 2023
Jenkins AppSpider Plugin Cross-Site Request Forgery vulnerability Moderate
CVE-2023-32998 was published for com.rapid7:jenkinsci-appspider-plugin (Maven) May 16, 2023
Jenkins Azure VM Agents Plugin Cross-site Request Forgery vulnerability Moderate
CVE-2023-32989 was published for org.jenkins-ci.plugins:azure-vm-agents (Maven) May 16, 2023
Jenkins SAML Single Sign On(SSO) Plugin Cross-Site Request Forgery vulnerability Moderate
CVE-2023-32995 was published for io.jenkins.plugins:miniorange-saml-sp (Maven) May 16, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database