Lucene search
GoogleOSV:GHSA-M6GF-P26P-MX2WHistoryMay 24, 2022 - 4:50 p.m.
Jenkins Docker Plugin contains Cross-Site Request Forgery
2022-05-2416:50:03
Google
osv.dev
11
jenkins
docker plugin
cross-site request forgery
vulnerability
credential theft
EPSS
0.004
Percentile
74.3%
A cross-site request forgery vulnerability in Jenkins Docker Plugin 1.1.6 and earlier in DockerAPI.DescriptorImpl#doTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
Related
github
github
Jenkins Docker Plugin contains Cross-Site Request Forgery
2022-05-24 16:50:03
nvd
nvd
CVE-2019-10340
2019-07-11 14:15:10
cvelist
cvelist
CVE-2019-10340
2019-07-11 13:55:17
prion
prion
Cross site request forgery (csrf)
2019-07-11 14:15:00
osv
osv
CVE-2019-10340
2019-07-11 14:15:10
cve
cve
CVE-2019-10340
2019-07-11 14:15:10