EUVD-2023-1151

Malicious code in bioql PyPI...

CVE-2023-30522

A missing permission check in Jenkins Fogbugz Plugin 2.2.17 and earlier allows attackers with Item/Read permission to trigger builds of jobs specified in a 'jobname' request parameter...

Jenkins Enterprise and Operations Center 2.346.x < 2.346.40.0.15 Multiple Vulnerabilities (CloudBees Security Advisory 2023-04-12)

The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.346.x prior to 2.346.40.0.15. It is, therefore, affected by multiple vulnerabilities including the following: - Jenkins Kubernetes Plugin 3909.v1f2c633e8590 and earlier does not properly mask i.e....

GHSA-2482-GR3V-F3F3 Jenkins Fogbugz Plugin has missing permissions check

Jenkins Fogbugz Plugin provides a webhook endpoint at /fbTrigger/ that can be used to trigger builds of any jobs. In Fogbugz Plugin 2.2.17 and earlier, this endpoint can be accessed by attackers with Item/Read permission, allowing them to trigger builds of jobs specified in a jobname request...

Jenkins Fogbugz Plugin has missing permissions check

Jenkins Fogbugz Plugin provides a webhook endpoint at /fbTrigger/ that can be used to trigger builds of any jobs. In Fogbugz Plugin 2.2.17 and earlier, this endpoint can be accessed by attackers with Item/Read permission, allowing them to trigger builds of jobs specified in a jobname request...

CVE-2023-30522

A missing permission check in Jenkins Fogbugz Plugin 2.2.17 and earlier allows attackers with Item/Read permission to trigger builds of jobs specified in a 'jobname' request parameter...

CVE-2023-30522

A missing permission check in Jenkins Fogbugz Plugin 2.2.17 and earlier allows attackers with Item/Read permission to trigger builds of jobs specified in a 'jobname' request parameter...

Design/Logic Flaw

A missing permission check in Jenkins Fogbugz Plugin 2.2.17 and earlier allows attackers with Item/Read permission to trigger builds of jobs specified in a 'jobname' request parameter...

CVE-2023-30522

A missing permission check in Jenkins Fogbugz Plugin 2.2.17 and earlier allows attackers with Item/Read permission to trigger builds of jobs specified in a 'jobname' request parameter...

CVE-2023-30522

A missing permission check in Jenkins Fogbugz Plugin 2.2.17 and earlier allows attackers with Item/Read permission to trigger builds of jobs specified in a 'jobname' request parameter...

CVE-2023-30522

The CVE-2023-30522 entry refers to a missing permission check in Jenkins Fogbugz Plugin (versions 2.2.17 and earlier) that allows attackers with Item/Read permission to trigger builds of specified jobs via the webhook endpoint at /fbTrigger/. The connected sources (NVD/NASL/Tenable/Red Hat adviso...

PT-2023-22750 · Jenkins · Jenkins Fogbugz Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Fogbugz Plugin versions 2.2.17 and earlier Description: A missing permission check in the Jenkins Fogbugz Plugin allows attackers with Item/Read permission to trigger builds of jobs specified in a jobname request parameter. The plugin...

Jenkins Plugin Fogbugz 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...