Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

43 advisories

Loading
Session Middleware Token Injection Vulnerability Critical
CVE-2024-38513 was published for github.com/gofiber/fiber (Go) Jul 1, 2024
sixcolors
Session fixation in Enonic XP Critical
CVE-2024-23679 was published for com.enonic.xp:lib-auth (Maven) Jan 19, 2024
Session fixation vulnerability in Jenkins Bitbucket OAuth Plugin Critical
CVE-2023-24427 was published for org.jenkins-ci.plugins:bitbucket-oauth (Maven) Jan 26, 2023
Session fixation vulnerability in Jenkins Keycloak Authentication Plugin Critical
CVE-2023-24456 was published for org.jenkins-ci.plugins:keycloak (Maven) Jan 26, 2023
Hazelcast connection caching Critical
CVE-2022-36437 was published for com.hazelcast.jet:hazelcast-jet (Maven) Dec 27, 2022
The application was vulnerable to a session fixation that could be used hijack accounts. Critical Unreviewed
CVE-2022-40293 was published Nov 1, 2022
com.enonic.xp:lib-auth vulnerable to Session Fixation Critical
GHSA-4m5p-5w5w-3jcf was published for com.enonic.xp:lib-auth (Maven) Oct 12, 2022
rdiffweb vulnerable to account access via session fixation Critical
CVE-2022-3269 was published for rdiffweb (pip) Sep 25, 2022
Apache Airflow Session Fixation vulnerability Critical
CVE-2022-38054 was published for apache-airflow (pip) Sep 3, 2022
ProTip! Advisories are also available from the GraphQL API