Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+

349 advisories

Loading
Jenkins Favorite View Plugin cross-site request forgery vulnerability Moderate
CVE-2023-40351 was published for org.jenkins-ci.plugins:favorite-view (Maven) Aug 16, 2023
Jenkins Folders Plugin cross-site request forgery vulnerability Moderate
CVE-2023-40337 was published for org.jenkins-ci.plugins:cloudbees-folder (Maven) Aug 16, 2023
Credential leakage in Jenkins Plug-in for ServiceNow Moderate
CVE-2023-3414 was published for io.jenkins.plugins:servicenow-devops (Maven) Jul 26, 2023
CSRF vulnerability in GitLab Authentication Plugin Moderate
CVE-2023-39153 was published for org.jenkins-ci.plugins:gitlab-oauth (Maven) Jul 26, 2023
CSRF vulnerability in Bazaar Plugin Moderate
CVE-2023-39156 was published for org.jenkins-ci.plugins:bazaar (Maven) Jul 26, 2023
Jenkins Test Results Aggregator Plugin vulnerable to Cross Site Request Forgery Moderate
CVE-2023-37955 was published for org.jenkins-ci.plugins:test-results-aggregator (Maven) Jul 12, 2023
Jenkins Rebuilder Plugin vulnerable to Cross Site Request Forgery Moderate
CVE-2023-37954 was published for com.sonyericsson.hudson.plugins.rebuild:rebuild (Maven) Jul 12, 2023
Jenkins mabl Plugin vulnerable to cross-site request forgery Moderate
CVE-2023-37952 was published for com.mabl.integration.jenkins:mabl-integration (Maven) Jul 12, 2023
Casdoor Cross-Site Request Forgery vulnerability Moderate
CVE-2023-34927 was published for github.com/casdoor/casdoor (Go) Jun 22, 2023
Jenkins Digital.ai App Management Publisher Plugin vulnerable to Cross-Site Request Forgery Moderate
CVE-2023-35148 was published for org.jenkins-ci.plugins:ease-plugin (Maven) Jun 14, 2023
Jenkins Code Dx Plugin cross-site request forgery vulnerability Moderate
CVE-2023-2195 was published for org.jenkins-ci.plugins:codedx (Maven) May 16, 2023
Jenkins LDAP Plugin vulnerable to Cross-Site Request Forgery Moderate
CVE-2023-32978 was published for org.jenkins-ci.plugins:ldap (Maven) May 16, 2023
Jenkins Tag Profiler Plugin vulnerable to Cross-Site Request Forgery Moderate
CVE-2023-33003 was published for org.jenkins-ci.plugins:tag-profiler (Maven) May 16, 2023
Jenkins Email Extension Plugin Cross-Site Request Forgery vulnerability Moderate
CVE-2023-32980 was published for org.jenkins-ci.plugins:email-ext (Maven) May 16, 2023
Jenkins Reverse Proxy Auth Plugin cross-site request forgery vulnerability Moderate
CVE-2023-32987 was published for org.jenkins-ci.plugins:reverse-proxy-auth-plugin (Maven) May 16, 2023
Jenkins SAML Single Sign On(SSO) Plugin Cross-Site Request Forgery vulnerability Moderate
CVE-2023-32995 was published for io.jenkins.plugins:miniorange-saml-sp (Maven) May 16, 2023
Jenkins Azure VM Agents Plugin Cross-site Request Forgery vulnerability Moderate
CVE-2023-32989 was published for org.jenkins-ci.plugins:azure-vm-agents (Maven) May 16, 2023
Jenkins AppSpider Plugin Cross-Site Request Forgery vulnerability Moderate
CVE-2023-32998 was published for com.rapid7:jenkinsci-appspider-plugin (Maven) May 16, 2023
Jenkins WSO2 Oauth Plugin cross-site request forgery vulnerability Moderate
CVE-2023-33006 was published for org.jenkins-ci.plugins:wso2id-oauth (Maven) May 16, 2023
@builder.io/qwik-city Cross-Site Request Forgery vulnerability Moderate
CVE-2023-2307 was published for @builder.io/qwik-city (npm) Apr 26, 2023
CSRF token fixation in fastify-passport Moderate
CVE-2023-29020 was published for @fastify/passport (npm) Apr 21, 2023
pedromigueladao lavish
modoboa vulnerable to Cross-Site Request Forgery Moderate
CVE-2023-2228 was published for modoboa (pip) Apr 21, 2023
Bypass of CSRF protection in the presence of predictable userInfo Moderate
CVE-2023-27495 was published for @fastify/csrf-protection (npm) Apr 20, 2023
pedromigueladao lavish
Jenkins Report Portal Plugin Cross-Site Request Forgery vulnerability Moderate
CVE-2023-30525 was published for org.jenkins-ci.plugins:reportportal (Maven) Apr 12, 2023
Jenkins Lucene-Search Plugin vulnerable to Cross-Site Request Forgery Moderate
CVE-2023-30529 was published for org.jenkins-ci.plugins:lucene-search (Maven) Apr 12, 2023
ProTip! Advisories are also available from the GraphQL API