Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-4342

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00688EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-1394

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00456EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-2079

Malicious code in bioql PyPI...

8.8CVSS8.5AI score0.0034EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 10:41 p.m.9 views

CVE-2022-28157

Jenkins Pipeline: Phoenix AutoTest Plugin 1.3 and earlier allows attackers with Item/Configure permission to upload arbitrary files from the Jenkins controller via FTP to an attacker-specified FTP server...

6.5CVSS6.8AI score0.01376EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/02/12 10:26 a.m.8 views

jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin

A flaw was found in the Jenkins pipeline-build-step plugin. Affected versions of the pipeline-build-step plugin do not escape job names in a JavaScript expression used in the Pipeline Snippet Generator. This can result in a stored cross-site scripting XSS vulnerability that may allow attackers to...

5.4CVSS5.6AI score0.814EPSS
Exploits0References5
OSV
OSV
added 2023/04/02 9:15 p.m.4 views

CVE-2023-28676

A cross-site request forgery CSRF vulnerability in Jenkins Convert To Pipeline Plugin 1.0 and earlier allows attackers to create a Pipeline based on a Freestyle project, potentially leading to remote code execution RCE...

8.8CVSS6.3AI score0.0064EPSS
Exploits1References1
OSV
OSV
added 2023/04/02 9:15 p.m.4 views

CVE-2023-28670

Jenkins Pipeline Aggregator View Plugin 1.13 and earlier does not escape a variable representing the current view's URL in inline JavaScript, resulting in a stored cross-site scripting XSS vulnerability exploitable by authenticated attackers with Overall/Read permission...

5.4CVSS6AI score0.00456EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/02/15 12:0 a.m.8 views

CVE-2023-25762

Jenkins Pipeline: Build Step Plugin 2.18 and earlier does not escape job names in a JavaScript expression used in the Pipeline Snippet Generator, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control job names...

5.2AI score0.814EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2020/09/16 12:0 a.m.5 views

PT-2020-15481 · Jenkins · Jenkins Pipeline Maven Integration Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Pipeline Maven Integration Plugin versions 3.9.2 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability. This occurs because the upstream job's display name shown as part of a build cause is not...

5.4CVSS5.1AI score0.00735EPSS
Exploits0References7
OSV
OSV
added 2019/12/17 3:15 p.m.5 views

CVE-2019-16564

Jenkins Pipeline Aggregator View Plugin 1.8 and earlier does not escape information shown on its view, resulting in a stored XSS vulnerability exploitable by attackers able to affects view content such as job display name or pipeline stage names...

5.4CVSS6.1AI score0.00688EPSS
Exploits0References2
Rows per page
Query Builder