Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,318
Erlang
31
GitHub Actions
21
Go
2,074
Maven
5,000+
npm
3,746
NuGet
674
pip
3,434
Pub
12
RubyGems
892
Rust
880
Swift
37
Unreviewed advisories
All unreviewed
5,000+

359 advisories

Loading
Cross-site request forgery vulnerability in Jenkins Deployment Dashboard Plugin Moderate
CVE-2023-50775 was published for org.jenkins-ci.plugins:ec2-deployment-dashboard (Maven) Dec 13, 2023
Jenkins NeuVector Vulnerability Scanner Plugin Cross-Site Request Forgery vulnerability Moderate
CVE-2023-49673 was published for io.jenkins.plugins:neuvector-vulnerability-scanner (Maven) Nov 29, 2023
secjoker
NASA Open MCT Cross Site Request Forgery (CSRF) vulnerability Moderate
CVE-2023-45884 was published for openmct (npm) Nov 9, 2023
MarkLee131
Axios Cross-Site Request Forgery Vulnerability Moderate
CVE-2023-45857 was published for axios (npm) Nov 8, 2023
vintagesucks danewilson
baserCMS CSRF vulnerability in Content preview Feature Moderate
CVE-2023-43649 was published for baserproject/basercms (Composer) Oct 26, 2023
modoboa Cross-Site Request Forgery vulnerability Moderate
CVE-2023-5690 was published for modoboa (pip) Oct 20, 2023
Jenkins Build Failure Analyzer Plugin Cross-Site Request Forgery vulnerability Moderate
CVE-2023-43502 was published for com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer (Maven) Sep 20, 2023
Jenkins Build Failure Analyzer Plugin Cross-Site Request Forgery vulnerability Moderate
CVE-2023-43500 was published for com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer (Maven) Sep 20, 2023
CSRF vulnerability in Jenkins Ivy Plugin Moderate
CVE-2023-41938 was published for org.jenkins-ci.plugins:ivy (Maven) Sep 6, 2023
CSRF vulnerability in Jenkins AWS CodeCommit Trigger Plugin Moderate
CVE-2023-41942 was published for org.jenkins-ci.plugins:aws-codecommit-trigger (Maven) Sep 6, 2023
Jenkins Fortify Plugin cross-site request forgery vulnerability Moderate
CVE-2023-4301 was published for org.jenkins-ci.plugins:fortify (Maven) Aug 22, 2023
Wallabag user can reset data unintentionally Moderate
CVE-2023-4454 was published for wallabag/wallabag (Composer) Aug 21, 2023
Wallabag user can delete own API client unintentionally Moderate
CVE-2023-4455 was published for wallabag/wallabag (Composer) Aug 21, 2023
Duplicate Advisory: Wallabag user can delete own API client unintentionally Moderate
GHSA-gvvx-fc6p-2h9x was published for wallabag/wallabag (Composer) Aug 21, 2023 withdrawn
Duplicate Advisory: Wallabag user can reset data unintentionally Moderate
GHSA-rwpg-4c4c-v3r4 was published for wallabag/wallabag (Composer) Aug 21, 2023 withdrawn
Jenkins Favorite View Plugin cross-site request forgery vulnerability Moderate
CVE-2023-40351 was published for org.jenkins-ci.plugins:favorite-view (Maven) Aug 16, 2023
Jenkins Blue Ocean Plugin cross-site request forgery vulnerability Moderate
CVE-2023-40341 was published for io.jenkins.blueocean:blueocean (Maven) Aug 16, 2023
Jenkins Folders Plugin cross-site request forgery vulnerability Moderate
CVE-2023-40337 was published for org.jenkins-ci.plugins:cloudbees-folder (Maven) Aug 16, 2023
Credential leakage in Jenkins Plug-in for ServiceNow Moderate
CVE-2023-3414 was published for io.jenkins.plugins:servicenow-devops (Maven) Jul 26, 2023
CSRF vulnerability in GitLab Authentication Plugin Moderate
CVE-2023-39153 was published for org.jenkins-ci.plugins:gitlab-oauth (Maven) Jul 26, 2023
CSRF vulnerability in Bazaar Plugin Moderate
CVE-2023-39156 was published for org.jenkins-ci.plugins:bazaar (Maven) Jul 26, 2023
Jenkins Test Results Aggregator Plugin vulnerable to Cross Site Request Forgery Moderate
CVE-2023-37955 was published for org.jenkins-ci.plugins:test-results-aggregator (Maven) Jul 12, 2023
Jenkins mabl Plugin vulnerable to cross-site request forgery Moderate
CVE-2023-37952 was published for com.mabl.integration.jenkins:mabl-integration (Maven) Jul 12, 2023
Jenkins Rebuilder Plugin vulnerable to Cross Site Request Forgery Moderate
CVE-2023-37954 was published for com.sonyericsson.hudson.plugins.rebuild:rebuild (Maven) Jul 12, 2023
Casdoor Cross-Site Request Forgery vulnerability Moderate
CVE-2023-34927 was published for github.com/casdoor/casdoor (Go) Jun 22, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database