Lucene search
K

4 matches found

Snyk
Snyk
added 2026/06/24 3:18 p.m.5 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization due to missing permission checks in the process responsible for handling Contrast metadata. An attacker can enumerate the names of configured Contrast metadata by leveraging Overall/Read permission. Remediation...

5.4CVSS6AI score0.00167EPSS
Exploits0References2
NVD
NVD
added 2026/06/24 2:17 p.m.11 views

CVE-2026-57299

Missing permission checks in Jenkins Contrast Continuous Application Security Plugin 3.11 and earlier allow attackers with Overall/Read permission to enumerate the names of configured Contrast metadata...

4.3CVSS0.00167EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/24 1:20 p.m.34 views

CVE-2026-57299

Missing permission checks in Jenkins Contrast Continuous Application Security Plugin 3.11 and earlier allow attackers with Overall/Read permission to enumerate the names of configured Contrast metadata...

0.00167EPSS
Exploits0References1
Jenkins Security Advisories
Jenkins Security Advisories
added 2026/06/24 12:0 a.m.7 views

Missing permission checks in contrast-continuous-application-security allow enumerating Contrast metadata

contrast-continuous-application-security 3.11 and earlier does not perform permission checks in several HTTP endpoints that fill list box options with the names of the configured Contrast metadata. This allows attackers with Overall/Read permission to enumerate the names of configured Contrast...

4.3CVSS5.8AI score0.00167EPSS
Exploits0Affected Software1
Rows per page
Query Builder