Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

32 advisories

Loading
Server-Side Request Forgery in Apache Kylin Moderate
CVE-2021-27738 was published for org.apache.kylin:kylin (Maven) Jan 8, 2022
Server-Side Request Forgery in Karaf Moderate
CVE-2020-11980 was published for org.apache.karaf.management:org.apache.karaf.management.server (Maven) Feb 10, 2022
Server-Side Request Forgery in Apache Dubbo Moderate
CVE-2021-25640 was published for com.alibaba:dubbo (Maven) Mar 18, 2022
Server-Side Request Forgery in Jenkins Moderate
CVE-2018-1000067 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
SSRF vulnerability due to missing permission check in Jenkins JMS Messaging Plugin Moderate
CVE-2019-1003028 was published for org.jenkins-ci.plugins:jms-messaging (Maven) May 13, 2022
Jenkins Kanboard Plugin vulnerable to Server-side request forgery (SSRF) Moderate
CVE-2019-1003020 was published for org.jenkins-ci.plugins:kanboard (Maven) May 13, 2022
SSRF vulnerability due to missing permission check in Jenkins OctopusDeploy Plugin Moderate
CVE-2019-1003027 was published for hudson.plugins.octopusdeploy:octopusdeploy (Maven) May 13, 2022
Jenkins Mattermost Notification Plugin vulnerable to SSRF Moderate
CVE-2019-1003026 was published for org.jenkins-ci.plugins:mattermost (Maven) May 13, 2022
Server-side request forgery vulnerability in Jenkins Mesos Plugin Moderate
CVE-2018-1000421 was published for org.jenkins-ci.plugins:mesos (Maven) May 14, 2022
Jenkins Crowd 2 Integration Plugin server-side request forgery vulnerability Moderate
CVE-2018-1000422 was published for org.jenkins-ci.plugins:crowd2 (Maven) May 14, 2022
Server-Side Request Forgery (SSRF) in Jenkins Confluence Publisher Plugin Moderate
CVE-2018-1999039 was published for org.jenkins-ci.plugins:confluence-publisher (Maven) May 14, 2022
Jenkins TraceTronic ECU-TEST Plugin server-side request forgery vulnerability Moderate
CVE-2018-1999026 was published for de.tracetronic.jenkins.plugins:ecutest (Maven) May 14, 2022
URLTrigger Plugin server-side request forgery vulnerability Moderate
CVE-2018-1000606 was published for org.jenkins-ci.plugins:urltrigger (Maven) May 14, 2022
westonsteimel
Jenkins GitHub Branch Source Plugin vulnerable to Server-Side Request Forgery Moderate
CVE-2018-1000185 was published for org.jenkins-ci.plugins:github-branch-source (Maven) May 14, 2022
Jenkins GitHub Plugin server-side request forgery vulnerability exists Moderate
CVE-2018-1000184 was published for com.coravy.hudson.plugins.github:github (Maven) May 14, 2022
Jenkins CAS Plugin Server-Side Request Forgery vulnerability Moderate
CVE-2018-1000188 was published for org.jenkins-ci.plugins:cas-plugin (Maven) May 14, 2022
Server-Side Request Forgery in Jenkins Git Plugin Moderate
CVE-2018-1000182 was published for org.jenkins-ci.plugins:git (Maven) May 14, 2022
Apache Ambari SSRF Vulnerability Moderate
CVE-2015-1775 was published for org.apache.ambari:ambari (Maven) May 17, 2022
Keycloak vulnerable to Server-Side Request Forgery Moderate
CVE-2020-10770 was published for org.keycloak:keycloak-core (Maven) May 24, 2022
Server-side request forgery in Apache Dubbo Moderate
CVE-2022-24969 was published for com.alibaba:dubbo (Maven) Jun 10, 2022
Apache Batik Server-Side Request Forgery Moderate
CVE-2022-38398 was published for org.apache.xmlgraphics:batik (Maven) Sep 23, 2022
Apache Batik vulnerable to Server-Side Request Forgery Moderate
CVE-2022-38648 was published for org.apache.xmlgraphics:batik (Maven) Sep 23, 2022
Nepxion Discovery vulnerable to potential Information Disclosure due to Server-Side Request Forgery Moderate
CVE-2022-23464 was published for com.nepxion:discovery (Maven) Sep 25, 2022
ProTip! Advisories are also available from the GraphQL API