CSRF vulnerability in Jenkins Gearman Plugin

2022-05-1301:25:42

Google

osv.dev

6.6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.3%

JSON

A cross-site request forgery vulnerability in Jenkins Gearman Plugin in the GearmanPluginConfig#doTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server.

CPENameOperatorVersion
org.jenkins-ci.plugins:gearman-plugineq0.0.1
org.jenkins-ci.plugins:gearman-plugineq0.0.7
org.jenkins-ci.plugins:gearman-plugineq0.0.6
org.jenkins-ci.plugins:gearman-plugineq0.1.2
org.jenkins-ci.plugins:gearman-plugineq0.1.3
org.jenkins-ci.plugins:gearman-plugineq0.0.5
org.jenkins-ci.plugins:gearman-plugineq0.0.3
org.jenkins-ci.plugins:gearman-plugineq0.2.0
org.jenkins-ci.plugins:gearman-plugineq0.0.4
org.jenkins-ci.plugins:gearman-plugineq0.1.1

Name	Operator	Version
org.jenkins-ci.plugins:gearman-plugin	eq	0.0.1
org.jenkins-ci.plugins:gearman-plugin	eq	0.0.7
org.jenkins-ci.plugins:gearman-plugin	eq	0.0.6
org.jenkins-ci.plugins:gearman-plugin	eq	0.1.2
org.jenkins-ci.plugins:gearman-plugin	eq	0.1.3
org.jenkins-ci.plugins:gearman-plugin	eq	0.0.5
org.jenkins-ci.plugins:gearman-plugin	eq	0.0.3
org.jenkins-ci.plugins:gearman-plugin	eq	0.2.0
org.jenkins-ci.plugins:gearman-plugin	eq	0.0.4
org.jenkins-ci.plugins:gearman-plugin	eq	0.1.1