Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

17 advisories

Loading
Access and integrity issue within Eclipse Jetty High
CVE-2018-12538 was published for org.eclipse.jetty:jetty-server (Maven) Oct 16, 2018
Improper Authentication in org.keycloak:keycloak-core High
CVE-2016-8609 was published for org.keycloak:keycloak-core (Maven) Oct 18, 2018
Session fixation vulnerability in Jenkins OpenID Plugin High
CVE-2023-24444 was published for org.jenkins-ci.plugins:openid (Maven) Jan 26, 2023
In Apache Tomcat, when using FORM authentication there was a narrow window where an attacker could perform a session fixation attack High
CVE-2019-17563 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Dec 26, 2019
Session Fixation in WildFly Elytron High
CVE-2020-10714 was published for org.wildfly.security:wildfly-elytron (Maven) Feb 15, 2022
Session Fixation in Apache Zeppelin High
CVE-2017-12619 was published for org.apache.zeppelin:zeppelin (Maven) Apr 24, 2019
Session fixation vulnerability in Jenkins OpenId Connect Authentication Plugin High
CVE-2023-24424 was published for org.jenkins-ci.plugins:oic-auth (Maven) Jan 26, 2023
Jenkins OpenShift Login Plugin session fixation vulnerability High
CVE-2023-37946 was published for org.openshift.jenkins:openshift-login (Maven) Jul 12, 2023
Jenkins WSO2 Oauth Plugin Session Fixation vulnerability High
CVE-2023-33005 was published for org.jenkins-ci.plugins:wso2id-oauth (Maven) May 16, 2023
Jenkins Gitlab Authentication Plugin vulnerable to Session Fixation High
CVE-2019-10371 was published for org.jenkins-ci.plugins:gitlab-oauth (Maven) May 24, 2022
Session fixation vulnerability in Jenkins High
CVE-2021-21671 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault
Session Fixation in Apache CXF High
CVE-2017-5656 was published for org.apache.cxf:cxf-core (Maven) May 13, 2022
sunSUNQ
Jenkins CAS Plugin Session Fixation vulnerability High
CVE-2023-32997 was published for org.jenkins-ci.plugins:cas-plugin (Maven) May 16, 2023
Apache Kylin Session Fixation vulnerability High
CVE-2024-23590 was published for org.apache.kylin:kylin (Maven) Nov 4, 2024
Session fixation vulnerability in Jenkins OpenId Connect Authentication Plugin High
CVE-2024-52553 was published for org.jenkins-ci.plugins:oic-auth (Maven) Nov 13, 2024
Duplicate Advisory: Keycloak Session Fixation vulnerability High
GHSA-j76j-rqwj-jmvv was published for org.keycloak:keycloak-services (Maven) Sep 9, 2024 withdrawn
stianst
Keycloak has session fixation in Elytron SAML adapters High
CVE-2024-7341 was published for org.keycloak:keycloak-services (Maven) Oct 14, 2024
Chetven
ProTip! Advisories are also available from the GraphQL API