70 matches found
CVE-2023-26512
CWE-502 Deserialization of Untrusted Data at the rabbitmq-connector plugin module in Apache EventMesh incubating V1.7.0\V1.8.0 on windows\linux\mac os e.g. platforms allows attackers to send controlled message and remote code execute via rabbitmq messages. Users can use the code under the master...
Deserialization of untrusted data
CWE-502 Deserialization of Untrusted Data at the rabbitmq-connector plugin module in Apache EventMesh incubating V1.7.0\V1.8.0 on windows\linux\mac os e.g. platforms allows attackers to send controlled message and remote code execute via rabbitmq messages. Users can use the code under the master...
Apache EventMesh 代码问题漏洞
Apache EventMesh is a new generation of serverless event middleware from the Apache Foundation for building distributed event-driven applications. A code issue vulnerability exists in Apache EventMesh incubating versions V1.7.0 to V1.8.0, which stems from a deserialization vulnerability in the...
WordPress plugin Caldera Forms Google Sheets Connector 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
The vulnerability of the Jenkins Repository Connector Plugin, related to deficiencies in the authentication process, allows attackers to disclose sensitive information about the file system.
The vulnerability of the Jenkins Repository Connector Plugin is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose sensitive information about the file system...
The vulnerability of the Jenkins Repository Connector Plugin, related to deficiencies in the authentication process, allows attackers to disclose information about user identities.
The vulnerability of the Jenkins Repository Connector Plugin is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to obtain information about user identities remotely...
Jenkins Repository Connector Plugin does not perform a permission check in a method implementing form validation
Jenkins Repository Connector Plugin 2.2.0 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system. A sequence of...
CVE-2022-36903
A missing permission check in Jenkins Repository Connector Plugin 2.2.0 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...
CVE-2022-36904
Jenkins Repository Connector Plugin 2.2.0 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system...
CVE-2022-36903
A missing permission check in Jenkins Repository Connector Plugin 2.2.0 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...
CVE-2022-36903
A missing permission check in Jenkins Repository Connector Plugin 2.2.0 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...
CVE-2022-36904
CVE-2022-36904 affects Jenkins Repository Connector Plugin 2.2.0 and earlier. The vulnerability is a missing permission check in a form-validation method, allowing attackers with Overall/Read to determine the existence of an attacker-specified file path on the Jenkins controller filesystem. Docum...
CVE-2022-36903
A missing permission check in Jenkins Repository Connector Plugin 2.2.0 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...
CVE-2022-36903
CVE-2022-36903 concerns Jenkins Repository Connector Plugin, version 2.2.0 and earlier, with a missing permission check in several HTTP endpoints. This allows attackers with Overall/Read permission to enumerate credentials IDs stored in Jenkins, constituting an information-disclosure risk. Public...
Jenkins Repository Connector Plugin 安全漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
PT-2022-4027 · Jenkins · Jenkins Repository Connector Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Repository Connector Plugin versions 2.2.0 and earlier Description: The issue is related to a missing permission check in the Jenkins Repository Connector Plugin, which is associated with authorization procedure deficiencies. This...
GHSA-438W-RJJ9-5FJF Cross-site Scripting in Jenkins Repository Connector Plugin
Jenkins Repository Connector Plugin 2.2.0 and earlier does not escape the name and description of Maven Repository Artifact parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission. Exploitation...
Cross-site Scripting in Jenkins Repository Connector Plugin
Jenkins Repository Connector Plugin 2.2.0 and earlier does not escape the name and description of Maven Repository Artifact parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission. Exploitation...
Cross site scripting
Jenkins Repository Connector Plugin 2.2.0 and earlier does not escape the name and description of Maven Repository Artifact parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-34195
CVE-2022-34195 relates to the Jenkins Repository Connector Plugin (versions