CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

79 matches found

OSV•added 2023/09/06 3:30 p.m.•16 views

GHSA-PFG6-CJ3J-RPV4 Missing permission check in Jenkins AWS CodeCommit Trigger Plugin allows enumerating credentials IDs

A missing permission check in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of AWS credentials stored in Jenkins...

4.3CVSS4.7AI score0.00088EPSS

Exploits0References3

OSV•added 2023/09/06 3:30 p.m.•19 views

GHSA-R428-G373-M2H4 Missing permission check in Jenkins AWS CodeCommit Trigger Plugin

Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to clear the SQS queue...

6.5CVSS6.5AI score0.00078EPSS

Exploits0References3

OSV•added 2023/09/06 3:30 p.m.•17 views

GHSA-997J-37H7-MHG9 CSRF vulnerability in Jenkins AWS CodeCommit Trigger Plugin

A cross-site request forgery CSRF vulnerability in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers to clear the SQS queue...

4.3CVSS4.8AI score0.00056EPSS

Exploits0References3

Github Security Blog•added 2023/09/06 3:30 p.m.•24 views

Missing permission check in Jenkins AWS CodeCommit Trigger Plugin

Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to clear the SQS queue...

6.5CVSS6.6AI score0.00078EPSS

Exploits0References4Affected Software1

OSV•added 2023/09/06 1:15 p.m.•2 views

CVE-2023-41941

4.3CVSS5.8AI score0.00088EPSS

Exploits0References2

OSV•added 2023/09/06 1:15 p.m.•1 views

CVE-2023-41943

Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to clear the SQS queue...

6.5CVSS5.8AI score0.00078EPSS

Exploits0References2

NVD•added 2023/09/06 1:15 p.m.•18 views

CVE-2023-41942

A cross-site request forgery CSRF vulnerability in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers to clear the SQS queue...

4.3CVSS5AI score0.00056EPSS

Exploits0References2

OSV•added 2023/09/06 1:15 p.m.•2 views

CVE-2023-41942

A cross-site request forgery CSRF vulnerability in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers to clear the SQS queue...

4.3CVSS5.7AI score0.00056EPSS

Exploits0References2

OSV•added 2023/09/06 1:15 p.m.•2 views

CVE-2023-41944

Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not escape the queue name parameter passed to a form validation URL, when rendering an error message, resulting in an HTML injection vulnerability...

6.1CVSS5.8AI score0.002EPSS

Exploits0References2

NVD•added 2023/09/06 1:15 p.m.•14 views

CVE-2023-41943

Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to clear the SQS queue...

6.5CVSS6.6AI score0.00078EPSS

Exploits0References2

NVD•added 2023/09/06 1:15 p.m.•16 views

CVE-2023-41944

6.1CVSS6.6AI score0.002EPSS

Exploits0References2

Prion•added 2023/09/06 1:15 p.m.•16 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers to clear the SQS queue...

4.3CVSS4.6AI score0.00056EPSS

Exploits0References2Affected Software1

Prion•added 2023/09/06 1:15 p.m.•22 views

Design/Logic Flaw

Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to clear the SQS queue...

4CVSS6.3AI score0.00078EPSS

Exploits0References2Affected Software1

Prion•added 2023/09/06 1:15 p.m.•16 views

Design/Logic Flaw

5.8CVSS6.2AI score0.002EPSS

Exploits0References2Affected Software1

Prion•added 2023/09/06 1:15 p.m.•19 views

Information disclosure

4CVSS4.4AI score0.00088EPSS

Exploits0References2Affected Software1

AlpineLinux•added 2023/09/06 12:9 p.m.•34 views

CVE-2023-41944

6.1CVSS7.2AI score0.002EPSS

Exploits0References2

Cvelist•added 2023/09/06 12:9 p.m.•22 views

CVE-2023-41944

6.8AI score0.002EPSS

Exploits0References2

Vulnrichment•added 2023/09/06 12:9 p.m.•11 views

CVE-2023-41944

6.7AI score0.002EPSS

Exploits0References2

CVE•added 2023/09/06 12:9 p.m.•108 views

CVE-2023-41944

CVE-2023-41944 concerns the Jenkins AWS CodeCommit Trigger Plugin (versions

6.1CVSS6.2AI score0.002EPSS

Exploits0References2Affected Software1

Cvelist•added 2023/09/06 12:9 p.m.•18 views

CVE-2023-41942

A cross-site request forgery CSRF vulnerability in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers to clear the SQS queue...

5.3AI score0.00056EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by