Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,793
Erlang
36
GitHub Actions
29
Go
2,380
Maven
5,000+
npm
4,004
NuGet
720
pip
3,803
Pub
12
RubyGems
927
Rust
985
Swift
38
Unreviewed advisories
All unreviewed
5,000+

351 advisories

Loading
Jenkins build-publisher plugin vulnerable to cross-site request forgery High
CVE-2022-41232 was published for org.jenkins-ci.plugins:build-publisher (Maven) Sep 22, 2022
NotMyFault
CSRF vulnerability in Jenkins CONS3RT Plugin allow capturing credentials Moderate
CVE-2022-41253 was published for org.jenkins-ci.plugins:cons3rt (Maven) Sep 22, 2022
NotMyFault
Jenkins NS-ND Integration Performance Publisher Plugin vulnerable to Cross-Site Request Forgery Moderate
CVE-2022-41227 was published for io.jenkins.plugins:cavisson-ns-nd-integration (Maven) Sep 22, 2022
NotMyFault
Cross-Site Request Forgery in Jenkins Convertigo Mobile Platform Plugin Moderate
CVE-2022-34200 was published for com.convertigo.jenkins.plugins:convertigo-mobile-platform (Maven) Jun 24, 2022
NotMyFault
Cross-Site Request Forgery in Jenkins ThreadFix Plugin Moderate
CVE-2022-34209 was published for org.jenkins-ci.plugins:threadfix (Maven) Jun 24, 2022
NotMyFault
Cross-Site Request Forgery in Jenkins EasyQA Plugin Moderate
CVE-2022-34203 was published for com.geteasyqa:easyqa (Maven) Jun 24, 2022
NotMyFault
Cross-Site Request Forgery in Jenkins Jianliao Notification Plugin Moderate
CVE-2022-34205 was published for org.jenkins-ci.plugins:jianliao (Maven) Jun 24, 2022
NotMyFault
Cross-Site Request Forgery in Jenkins vRealize Orchestrator Plugin Moderate
CVE-2022-34211 was published for org.jenkins-ci.plugins:vmware-vrealize-orchestrator (Maven) Jun 24, 2022
NotMyFault
Apache JSPWiki CSRF due to crafted request on UserPreferences.jsp Moderate
CVE-2022-28731 was published for org.apache.jspwiki:jspwiki-main (Maven) Aug 5, 2022
Apache JSPWiki CSRF due to crafted invocation on the Image plugin High
CVE-2022-34158 was published for org.apache.jspwiki:jspwiki-main (Maven) Aug 5, 2022
CSRF vulnerability in Jenkins Shared Objects Plugin Moderate
CVE-2020-2296 was published for org.jenkins-ci.plugins:shared-objects (Maven) May 24, 2022
NotMyFault
CSRF vulnerability in Jenkins Sounds Plugin allow OS command execution High
CVE-2020-2098 was published for org.jenkins-ci.plugins:sounds (Maven) May 24, 2022
NotMyFault
CSRF vulnerability in Jenkins openstack-heat Plugin Moderate
CVE-2022-36911 was published for org.jenkins-ci.plugins:openstack-heat (Maven) Jul 28, 2022
NotMyFault
Jenkins Coverity Plugin vulnerable to cross-site request forgery (CSRF) High
CVE-2022-36920 was published for org.jenkins-ci.plugins:coverity (Maven) Jul 28, 2022
NotMyFault
CSRF vulnerability in Jenkins Google Cloud Backup Plugin Moderate
CVE-2022-36916 was published for org.jenkins-ci.plugins:google-cloud-backup (Maven) Jul 28, 2022
NotMyFault
CSRF vulnerability in Jenkins Flaky Test Handler Plugin Moderate
CVE-2020-2237 was published for org.jenkins-ci.plugins:flaky-test-handler (Maven) May 24, 2022
NotMyFault
Complete lack of CSRF protection in Jenkins Selenium Plugin can lead to OS command injection High
CVE-2020-2196 was published for org.jenkins-ci.plugins:selenium (Maven) May 24, 2022
NotMyFault
CSRF vulnerability in Jenkins Zephyr for JIRA Test Management Plugin Moderate
CVE-2020-2215 was published for org.jenkins-ci.plugins:zephyr-for-jira-test-management (Maven) May 24, 2022
NotMyFault
Cross-Site Request Forgery in Jenkins Deployment Dashboard Plugin Moderate
CVE-2022-34797 was published for org.jenkins-ci.plugins:ec2-deployment-dashboard (Maven) Jul 1, 2022
NotMyFault
CSRF vulnerability in Jenkins OpenShift Deployer Plugin Moderate
CVE-2022-36908 was published for org.jenkins-ci.plugins:openshift-deployer (Maven) Jul 28, 2022
NotMyFault
CSRF vulnerability in Jenkins OpenShift Deployer Plugin Moderate
CVE-2022-36906 was published for org.jenkins-ci.plugins:openshift-deployer (Maven) Jul 28, 2022
NotMyFault
Cross-Site Request Forgery in Jenkins Recipe Plugin High
CVE-2022-34792 was published for org.jenkins-ci.plugins:recipe (Maven) Jul 1, 2022
NotMyFault
CSRF vulnerability in Jenkins XebiaLabs XL Release Plugin allow capturing credentials Moderate
CVE-2022-34780 was published for com.xebialabs.ci:xlrelease-plugin (Maven) Jul 1, 2022
NotMyFault
Jenkins Poll SCM Plugin vulnerable to Cross-Site Request Forgery High
CVE-2017-1000093 was published for org.jenkins-ci.plugins:pollscm (Maven) May 17, 2022
Jenkins GitHub Branch Source Plugin vulnerable to Cross-Site Request Forgery Moderate
CVE-2017-1000091 was published for org.jenkins-ci.plugins:github-branch-source (Maven) May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database