GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
31 advisories
Filter by severity
Session fixation vulnerability in Jenkins OpenId Connect Authentication Plugin
High
CVE-2024-52553
was published
for
org.jenkins-ci.plugins:oic-auth
(Maven)
Nov 13, 2024
Apache Kylin Session Fixation vulnerability
High
CVE-2024-23590
was published
for
org.apache.kylin:kylin
(Maven)
Nov 4, 2024
Session fixation in Elytron SAML adapters
High
GHSA-5rxp-2rhr-qwqv
was published
for
org.keycloak:keycloak-services
(Maven)
Oct 14, 2024
Keycloak Session Fixation vulnerability
High
CVE-2024-7341
was published
for
org.keycloak:keycloak-services
(Maven)
Sep 9, 2024
Keycloak vulnerable to session hijacking via re-authentication
Moderate
CVE-2023-6787
was published
for
org.keycloak:keycloak-services
(Maven)
Apr 17, 2024
Liferay Portal's account lockout does not invalidate existing user sessions
Moderate
CVE-2023-47798
was published
for
com.liferay.portal:release.dxp.bom
(Maven)
Feb 8, 2024
Graylog session fixation vulnerability through cookie injection
Moderate
CVE-2024-24823
was published
for
org.graylog2:graylog2-server
(Maven)
Feb 7, 2024
Session fixation in Enonic XP
Critical
CVE-2024-23679
was published
for
com.enonic.xp:lib-auth
(Maven)
Jan 19, 2024
Jenkins OpenShift Login Plugin session fixation vulnerability
High
CVE-2023-37946
was published
for
org.openshift.jenkins:openshift-login
(Maven)
Jul 12, 2023
Jenkins WSO2 Oauth Plugin Session Fixation vulnerability
High
CVE-2023-33005
was published
for
org.jenkins-ci.plugins:wso2id-oauth
(Maven)
May 16, 2023
Jenkins CAS Plugin Session Fixation vulnerability
High
CVE-2023-32997
was published
for
org.jenkins-ci.plugins:cas-plugin
(Maven)
May 16, 2023
Session fixation vulnerability in Jenkins OpenID Plugin
High
CVE-2023-24444
was published
for
org.jenkins-ci.plugins:openid
(Maven)
Jan 26, 2023
Session fixation vulnerability in Jenkins OpenId Connect Authentication Plugin
High
CVE-2023-24424
was published
for
org.jenkins-ci.plugins:oic-auth
(Maven)
Jan 26, 2023
Session fixation vulnerability in Jenkins Bitbucket OAuth Plugin
Critical
CVE-2023-24427
was published
for
org.jenkins-ci.plugins:bitbucket-oauth
(Maven)
Jan 26, 2023
Session fixation vulnerability in Jenkins Keycloak Authentication Plugin
Critical
CVE-2023-24456
was published
for
org.jenkins-ci.plugins:keycloak
(Maven)
Jan 26, 2023
Hazelcast connection caching
Critical
CVE-2022-36437
was published
for
com.hazelcast.jet:hazelcast-jet
(Maven)
Dec 27, 2022
com.enonic.xp:lib-auth vulnerable to Session Fixation
Critical
GHSA-4m5p-5w5w-3jcf
was published
for
com.enonic.xp:lib-auth
(Maven)
Oct 12, 2022
Apache IoTDB Session Fixation vulnerability
Moderate
CVE-2022-38369
was published
for
apache-iotdb
(Maven)
Sep 6, 2022
Session fixation vulnerability in Jenkins
High
CVE-2021-21671
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 24, 2022
Jenkins Gitlab Authentication Plugin vulnerable to Session Fixation
High
CVE-2019-10371
was published
for
org.jenkins-ci.plugins:gitlab-oauth
(Maven)
May 24, 2022
Jenkins Google Login Plugin Session Fixation vulnerability
Moderate
CVE-2018-1000173
was published
for
org.jenkins-ci.plugins:google-login
(Maven)
May 14, 2022
Jenkins SAML Plugin Session Fixation vulnerability
Moderate
CVE-2018-1000602
was published
for
org.jenkins-ci.plugins:saml
(Maven)
May 14, 2022
Session Fixation in Jenkins
Moderate
CVE-2018-1000409
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 14, 2022
GitHub Authentication Plugin session fixation vulnerability
Moderate
CVE-2019-1003019
was published
for
org.jenkins-ci.plugins:github-oauth
(Maven)
May 13, 2022
Session Fixation in Apache CXF
High
CVE-2017-5656
was published
for
org.apache.cxf:cxf-core
(Maven)
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API