Lucene search
K

8 matches found

CNVD
CNVD
added 2022/07/04 12:0 a.m.24 views

Jenkins Failed Job Deactivator Plugin跨站请求伪造漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.JenJenkins Failed Job Deactivator Plugin...

4.3CVSS3.2AI score0.00454EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2022/07/01 12:1 a.m.33 views

Jenkins Failed Job Deactivator Plugin Missing Authorization vulnerability

Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier does not perform permission checks in several views and HTTP endpoints. This allows attackers with Overall/Read permission to disable jobs. Additionally, these endpoints do not require POST requests, resulting in a cross-site request forgery...

4.3CVSS4.9AI score0.00553EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2022/06/30 6:15 p.m.22 views

CVE-2022-34818

Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier does not perform permission checks in several views and HTTP endpoints, allowing attackers with Overall/Read permission to disable jobs...

4.3CVSS0.00553EPSS
Exploits0References1
OSV
OSV
added 2022/06/30 6:15 p.m.14 views

CVE-2022-34818

Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier does not perform permission checks in several views and HTTP endpoints, allowing attackers with Overall/Read permission to disable jobs...

4.3CVSS5.8AI score0.00553EPSS
Exploits0References1
OSV
OSV
added 2022/06/30 6:15 p.m.2 views

CVE-2022-34817

A cross-site request forgery CSRF vulnerability in Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier allows attackers to disable jobs...

4.3CVSS5.7AI score0.00454EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/06/30 6:15 p.m.3 views

CVE-2022-34818

Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier does not perform permission checks in several views and HTTP endpoints, allowing attackers with Overall/Read permission to disable jobs...

4.3CVSS5.9AI score0.00553EPSS
Exploits0References2
Prion
Prion
added 2022/06/30 6:15 p.m.20 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier allows attackers to disable jobs...

4.3CVSS4.6AI score0.00454EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/06/30 5:49 p.m.20 views

CVE-2022-34818

Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier does not perform permission checks in several views and HTTP endpoints, allowing attackers with Overall/Read permission to disable jobs...

5.2AI score0.00553EPSS
Exploits0References1
Rows per page
Query Builder