45 matches found
CVE-2022-25207
A cross-site request forgery CSRF vulnerability in Jenkins Chef Sinatra Plugin 1.20 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-controlled URL and have it parse an XML response...
Jenkins 插件跨站请求伪造漏洞
The Jenkins Plugin is a plug-in that provides functionality for Jenkins. The Jenkins Chef Sinatra Plugin Cross-Site Request Forgery vulnerability allows an attacker to send an HTTP request from Jenkins to a URL that can be controlled using this vulnerability...
PT-2021-14675 · Jenkins · Jenkins Owasp Dependency-Track Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins OWASP Dependency-Track Plugin versions 3.1.0 and earlier Description: A missing permission check in the plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL, capturing credentials stored in...
CVE-2020-13651
An issue was discovered in DigDash 2018R2 before p20200528, 2019R1 before p20200421, and 2019R2 before p20200430. It allows a user to provide data that will be used to generate the JNLP file used by a client to obtain the right Java application. By providing an attacker-controlled URL, the client...
Unspecified Vulnerability in CloudBees Jenkins Dynatrace Application Monitoring Plugin
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Dynatrace Application Monitoring Plugin is us...