Lucene search
+L

110 matches found

CNNVD
CNNVD
added 2024/01/24 12:0 a.m.4 views

Jenkins Plugin GitLab Branch Source Security Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

6.5CVSS6.7AI score0.00458EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/01/24 12:0 a.m.3 views

PT-2024-1424 · Jenkins +1 · Jenkins Gitlab Branch Source Plugin +2

Name of the Vulnerable Software and Affected Versions: Jenkins GitLab Branch Source Plugin versions 684.vea fa 7c1e2fe3 and earlier Description: The issue is related to insufficient access control in the Jenkins GitLab Branch Source Plugin. This allows attackers to configure and share a project,...

6.5CVSS6.6AI score0.00458EPSS
Exploits0References11
CNNVD
CNNVD
added 2024/01/24 12:0 a.m.6 views

Jenkins Plugin GitLab Branch Source Security Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

5.3CVSS6.8AI score0.005EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/01/24 12:0 a.m.6 views

PT-2024-1421 · Jenkins +1 · Jenkins Gitlab Branch Source Plugin +2

Name of the Vulnerable Software and Affected Versions: Jenkins GitLab Branch Source Plugin versions 684.vea fa 7c1e2fe3 and earlier Description: The issue is related to a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to connect to an attacker-specified URL. Th...

5CVSS6.6AI score0.00323EPSS
Exploits0References11
CNNVD
CNNVD
added 2024/01/24 12:0 a.m.7 views

Jenkins Plugin GitLab Branch Source Security Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. Jenkins Plugin GitLab...

4.3CVSS6.6AI score0.00323EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/01/24 12:0 a.m.87 views

Jenkins plugins Multiple Vulnerabilities (2024-01-24)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Jenkins Git server Plugin 99.va0826abcdfad and earlier does not disable a feature of its command parser that replaces an '@' character...

7.5CVSS6.3AI score0.01262EPSS
Exploits0References10
OSV
OSV
added 2022/10/19 7:0 p.m.44 views

GHSA-73V5-W6FG-2M44 Jenkins Tuleap Git Branch Source Plugin allows unauthenticated attackers to trigger Tuleap projects whose configured repo matches attacker-specified value

A missing permission check in Jenkins Tuleap Git Branch Source Plugin 3.2.4 and earlier allows unauthenticated attackers to trigger Tuleap projects whose configured repository matches the attacker-specified value. Tuleap Git Branch Source Plugin 3.2.5 requires a token to access the webhook endpoi...

5.3CVSS5.5AI score0.00665EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/10/19 7:0 p.m.31 views

Jenkins Tuleap Git Branch Source Plugin allows unauthenticated attackers to trigger Tuleap projects whose configured repo matches attacker-specified value

A missing permission check in Jenkins Tuleap Git Branch Source Plugin 3.2.4 and earlier allows unauthenticated attackers to trigger Tuleap projects whose configured repository matches the attacker-specified value. Tuleap Git Branch Source Plugin 3.2.5 requires a token to access the webhook endpoi...

5.3CVSS5.8AI score0.00665EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/10/19 4:15 p.m.20 views

CVE-2022-43421

A missing permission check in Jenkins Tuleap Git Branch Source Plugin 3.2.4 and earlier allows unauthenticated attackers to trigger Tuleap projects whose configured repository matches the attacker-specified value...

5.3CVSS5.3AI score
Exploits0References2
Prion
Prion
added 2022/10/19 4:15 p.m.15 views

Design/Logic Flaw

A missing permission check in Jenkins Tuleap Git Branch Source Plugin 3.2.4 and earlier allows unauthenticated attackers to trigger Tuleap projects whose configured repository matches the attacker-specified value...

5CVSS5.2AI score0.00665EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/10/19 12:0 a.m.9 views

PT-2022-6109 · Jenkins · Jenkins Tuleap Git Branch Source Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Tuleap Git Branch Source Plugin versions 3.2.4 and earlier Description: The issue is related to a missing permission check in the Jenkins Tuleap Git Branch Source Plugin, allowing unauthenticated attackers to trigger Tuleap projects...

5.3CVSS5.2AI score0.00665EPSS
Exploits0References7
CNNVD
CNNVD
added 2022/10/19 12:0 a.m.17 views

Jenkins Tuleap Git Branch Source Plugin 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

5.3CVSS5.8AI score0.00665EPSS
Exploits0References5
Cvelist
Cvelist
added 2022/10/19 12:0 a.m.34 views

CVE-2022-43421

A missing permission check in Jenkins Tuleap Git Branch Source Plugin 3.2.4 and earlier allows unauthenticated attackers to trigger Tuleap projects whose configured repository matches the attacker-specified value...

5.5AI score0.00665EPSS
Exploits0References2
CVE
CVE
added 2022/10/19 12:0 a.m.86 views

CVE-2022-43421

CVE-2022-43421 : In Jenkins, the Tuleap Git Branch Source Plugin (versions 3.2.4 and earlier) contains a missing permission check in the mechanism that triggers Tuleap projects. This allows unauthenticated attackers to trigger projects whose configured repository matches an attacker-specified val...

5.3CVSS5.2AI score0.00665EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/05/17 12:29 a.m.14 views

GHSA-6JP2-HGGX-8J7P Jenkins GitHub Branch Source Plugin allows any user with Overall/Read permission to get list of valid credentials IDs

GitHub Branch Source provides a list of applicable credential IDs to allow users configuring a job to select the one they'd like to use. This functionality did not check permissions, allowing any user with Overall/Read permission to get a list of valid credentials IDs. Those could be used as part...

4.3CVSS4.4AI score0.00786EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/05/17 12:29 a.m.23 views

Jenkins GitHub Branch Source Plugin allows any user with Overall/Read permission to get list of valid credentials IDs

GitHub Branch Source provides a list of applicable credential IDs to allow users configuring a job to select the one they'd like to use. This functionality did not check permissions, allowing any user with Overall/Read permission to get a list of valid credentials IDs. Those could be used as part...

4.3CVSS2.2AI score0.00786EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/05/14 3:13 a.m.87 views

GHSA-9CFQ-V2HM-C3XR Jenkins GitHub Branch Source Plugin vulnerable to Server-Side Request Forgery

A server-side request forgery vulnerability exists in Jenkins GitHub Branch Source Plugin 2.3.4 and older in Endpoint.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL. Additionally, this form validation method did not require POST...

4.3CVSS4.4AI score0.00642EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/05/14 3:13 a.m.28 views

Jenkins GitHub Branch Source Plugin vulnerable to Server-Side Request Forgery

A server-side request forgery vulnerability exists in Jenkins GitHub Branch Source Plugin 2.3.4 and older in Endpoint.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL. Additionally, this form validation method did not require POST...

4.3CVSS3AI score0.00642EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2022/01/16 12:0 a.m.54 views

Jenkins Bitbucket Branch Source Plugin Cross-Site Request Forgery Vulnerability

Jenkins is a Jenkins open source application . An open source automation server Jenkins provides hundreds of plug-ins to support building, deploying and automating any project . The Jenkins Bitbucket Branch Source Plugin suffers from a cross-site request forgery vulnerability that stems from a WE...

7.1CVSS7AI score0.00655EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2022/01/13 12:1 a.m.5 views

org.jenkins-ci.plugins:bitbucket-approval-filter (=1.0.0), org.jenkins-ci.plugins:bitbucket-filter-project-trait (=1.0) +1 more potentially affected by CVE-2022-20618 via org.jenkins-ci.plugins:cloudbees-bitbucket-branch-source (>=2.2.0 <=2.4.1)

org.jenkins-ci.plugins:cloudbees-bitbucket-branch-source MAVEN version =2.2.0, =1.0.0, =1.0.2 Source cves: CVE-2022-20618 Source advisory: OSV:GHSA-W2MH-6XJ5-F77F...

4.3CVSS5.8AI score0.00852EPSS
Exploits0
Rows per page
Query Builder