15 matches found
GHSA-HCJR-6JQ3-392P Jenkins Failed Job Deactivator Plugin Missing Authorization vulnerability
Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier does not perform permission checks in several views and HTTP endpoints. This allows attackers with Overall/Read permission to disable jobs. Additionally, these endpoints do not require POST requests, resulting in a cross-site request forgery...
GHSA-CP6Q-836Q-GMJ3 Cross-Site Request Forgery in Jenkins Failed Job Deactivator Plugin
A cross-site request forgery CSRF vulnerability in Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier allows attackers to disable jobs. This CSRF vulnerability is only exploitable in Jenkins 2.286 and earlier, LTS 2.277.1 and earlier. See the LTS upgrade guide...
Jenkins Failed Job Deactivator Plugin Missing Authorization vulnerability
Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier does not perform permission checks in several views and HTTP endpoints. This allows attackers with Overall/Read permission to disable jobs. Additionally, these endpoints do not require POST requests, resulting in a cross-site request forgery...
Cross-Site Request Forgery in Jenkins Failed Job Deactivator Plugin
A cross-site request forgery CSRF vulnerability in Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier allows attackers to disable jobs. This CSRF vulnerability is only exploitable in Jenkins 2.286 and earlier, LTS 2.277.1 and earlier. See the LTS upgrade guide...
CVE-2022-34817
A cross-site request forgery CSRF vulnerability in Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier allows attackers to disable jobs...
CVE-2022-34818
Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier does not perform permission checks in several views and HTTP endpoints, allowing attackers with Overall/Read permission to disable jobs...
CVE-2022-34817
A cross-site request forgery CSRF vulnerability in Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier allows attackers to disable jobs...
CVE-2022-34818
Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier does not perform permission checks in several views and HTTP endpoints, allowing attackers with Overall/Read permission to disable jobs...
CVE-2022-34818
Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier does not perform permission checks in several views and HTTP endpoints, allowing attackers with Overall/Read permission to disable jobs...
Cross site request forgery (csrf)
A cross-site request forgery CSRF vulnerability in Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier allows attackers to disable jobs...
CVE-2022-34818
The CVE-2022-34818 entry concerns Jenkins Failed Job Deactivator Plugin (versions
CVE-2022-34818
Jenkins Failed Job Deactivator Plugin 1.2.1 and earlier does not perform permission checks in several views and HTTP endpoints, allowing attackers with Overall/Read permission to disable jobs...
CVE-2022-34817
CVE-2022-34817 describes a CSRF vulnerability in the Jenkins Failed Job Deactivator Plugin, affecting version 1.2.1 and earlier. The vulnerability allows an attacker to disable jobs in Jenkins via a crafted request. The issue is noted across multiple sources (NVD entry for CVE-2022-34817 and PT S...
Jenkins Plugin Failed Job Deactivator 安全漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. jenkins Plugin is an application. jenkins Failed Job Deactivator Plugin...
Jenkins Plugin Failed Job Deactivator 跨站请求伪造漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.JenJenkins Failed Job Deactivator Plugin...