18 matches found
CVE-2024-2215
A cross-site request forgery CSRF vulnerability in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting future build step executions...
GHSA-8H2M-54WH-GWJ3 Jenkins docker-build-step Plugin missing permission check
A missing permission check in an HTTP endpoint in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting futu...
Jenkins docker-build-step Plugin Cross-Site Request Forgery vulnerability
A cross-site request forgery CSRF vulnerability in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting future build step executions...
Jenkins docker-build-step Plugin missing permission check
A missing permission check in an HTTP endpoint in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting futu...
GHSA-64C5-R2H5-C2FG Jenkins docker-build-step Plugin Cross-Site Request Forgery vulnerability
A cross-site request forgery CSRF vulnerability in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting future build step executions...
CVE-2024-2215
A cross-site request forgery CSRF vulnerability in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting future build step executions...
CVE-2024-2216
A missing permission check in an HTTP endpoint in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting futu...
CVE-2024-2215
A cross-site request forgery CSRF vulnerability in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting future build step executions...
Design/Logic Flaw
A missing permission check in an HTTP endpoint in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting futu...
CVE-2024-2216
A missing permission check in an HTTP endpoint in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting futu...
CVE-2024-2216
CVE-2024-2216 affects the Jenkins docker-build-step Plugin (versions 2.11 and earlier). The issue is a missing permission check on an HTTP endpoint, allowing attackers with Overall/Read permission to connect to an attacker-specified TCP or Unix socket URL and to reconfigure the plugin using the p...
CVE-2024-2215
CVE-2024-2215 : CSRF vulnerability in Jenkins docker-build-step Plugin (version ≤ 2.11) allows an attacker to connect to an attacker-specified TCP/Unix socket URL and reconfigure the plugin using provided connection test parameters, impacting subsequent build step executions. The description from...
CVE-2024-2215
A cross-site request forgery CSRF vulnerability in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting future build step executions...
CVE-2024-2215
A cross-site request forgery CSRF vulnerability in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers to connect to an attacker-specified TCP or Unix socket URL, and to reconfigure the plugin using the provided connection test parameters, affecting future build step executions...
PT-2024-19247 · Jenkins · Jenkins Docker-Build-Step Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins docker-build-step Plugin versions 2.11 and earlier Description: A missing permission check in an HTTP endpoint allows attackers with Overall/Read permission to connect to an attacker-specified TCP or Unix socket URL, and to reconfigur...
Jenkins docker-build-step Plugin Security Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
PT-2024-19236 · Jenkins · Jenkins Docker-Build-Step Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins docker-build-step Plugin versions 2.11 and earlier Description: A cross-site request forgery issue allows attackers to connect to a specified TCP or Unix socket URL and reconfigure the plugin, affecting future build step executions...
Jenkins docker-build-step Plugin Security Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. Jenkins docker-build-step...