Lucene search
+L

93 matches found

vulnersosv
vulnersosv
added 2022/05/14 3:13 a.m.7 views

com.base2services.jenkins:github-sqs-plugin (>=1.0 <=1.1), com.elasticbox.jenkins-ci.plugins:elasticbox (>=4.0.9 <=4.1.6) +23 more potentially affected by CVE-2018-1000183 via com.coravy.hudson.plugins.github:github (>=1.10 <=1.27.0)

com.coravy.hudson.plugins.github:github MAVEN version =1.10, =1.0, =4.0.9, =1.0-alpha-1, =1.0-alpha-1, =1.0-alpha-1, =1.0.0, =1.0.0, =1.0-alpha-8, =1.0-alpha-4, =0.1-preview-4, =1.0-alpha-1, =1.3.0, =1.0, =0.9.14, =1.36.0, =1.42.2 and more Source cves: CVE-2018-1000183 Source advisory:...

6.5CVSS6.6AI score0.01013EPSS
Exploits0
osv
osv
added 2022/05/14 3:13 a.m.1 views

GHSA-V7G7-CMXX-WXW9 Jenkins GitHub Plugin exposure of sensitive information vulnerability exists

A exposure of sensitive information vulnerability exists in Jenkins GitHub Plugin 1.29.0 and older in GitHubServerConfig.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing...

6.5CVSS5.9AI score0.01013EPSS
Exploits0References4
vulnersosv
vulnersosv
added 2022/05/14 3:13 a.m.7 views

com.base2services.jenkins:github-sqs-plugin (>=1.0 <=1.1), com.elasticbox.jenkins-ci.plugins:elasticbox (>=4.0.9 <=4.1.6) +23 more potentially affected by CVE-2018-1000184 via com.coravy.hudson.plugins.github:github (>=1.10 <=1.27.0)

com.coravy.hudson.plugins.github:github MAVEN version =1.10, =1.0, =4.0.9, =1.0-alpha-1, =1.0-alpha-1, =1.0-alpha-1, =1.0.0, =1.0.0, =1.0-alpha-8, =1.0-alpha-4, =0.1-preview-4, =1.0-alpha-1, =1.3.0, =1.0, =0.9.14, =1.36.0, =1.42.2 and more Source cves: CVE-2018-1000184 Source advisory:...

5.5CVSS6.1AI score0.00608EPSS
Exploits0
osv
osv
added 2022/05/14 3:13 a.m.11 views

GHSA-GH85-MQ87-R7V3 Jenkins GitHub Plugin server-side request forgery vulnerability exists

A server-side request forgery vulnerability exists in Jenkins GitHub Plugin 1.29.0 and older in GitHubPluginConfig.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL...

5.4CVSS5.9AI score0.00608EPSS
Exploits0References4
github
github
added 2022/05/14 3:13 a.m.25 views

Jenkins GitHub Plugin server-side request forgery vulnerability exists

A server-side request forgery vulnerability exists in Jenkins GitHub Plugin 1.29.0 and older in GitHubPluginConfig.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL...

5.5CVSS6.6AI score0.00608EPSS
Exploits0References4Affected Software1
github
github
added 2022/05/14 3:13 a.m.29 views

Jenkins GitHub Plugin exposure of sensitive information vulnerability exists

A exposure of sensitive information vulnerability exists in Jenkins GitHub Plugin 1.29.0 and older in GitHubServerConfig.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing...

6.5CVSS6.1AI score0.01013EPSS
Exploits0References4Affected Software1
vulnersosv
vulnersosv
added 2022/05/13 1:48 a.m.8 views

com.base2services.jenkins:github-sqs-plugin (>=1.0 <=1.1), com.elasticbox.jenkins-ci.plugins:elasticbox (>=4.0.9 <=4.1.6) +23 more potentially affected by CVE-2018-1000600 via com.coravy.hudson.plugins.github:github (>=1.10 <=1.27.0)

com.coravy.hudson.plugins.github:github MAVEN version =1.10, =1.0, =4.0.9, =1.0-alpha-1, =1.0-alpha-1, =1.0-alpha-1, =1.0.0, =1.0.0, =1.0-alpha-8, =1.0-alpha-4, =0.1-preview-4, =1.0-alpha-1, =1.3.0, =1.0, =0.9.14, =1.36.0, =1.42.2 and more Source cves: CVE-2018-1000600 Source advisory:...

8.8CVSS7.6AI score0.90894EPSS
Exploits0
osv
osv
added 2022/05/13 1:48 a.m.25 views

GHSA-6CVM-V6QJ-HJQ9 CSRF vulnerability and missing permission checks in GitHub Plugin allowed capturing credentials

A exposure of sensitive information vulnerability exists in Jenkins GitHub Plugin 1.29.1 and earlier in GitHubTokenCredentialsCreator.java that allows attackers to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in...

8.8CVSS8.5AI score0.90894EPSS
Exploits0References4
github
github
added 2022/05/13 1:48 a.m.20 views

CSRF vulnerability and missing permission checks in GitHub Plugin allowed capturing credentials

A exposure of sensitive information vulnerability exists in Jenkins GitHub Plugin 1.29.1 and earlier in GitHubTokenCredentialsCreator.java that allows attackers to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in...

8.8CVSS6.4AI score0.90894EPSS
Exploits0References4Affected Software1
vulnersosv
vulnersosv
added 2022/05/13 1:15 a.m.5 views

br.com.ingenieux.jenkins.plugins:awseb-deployment-plugin (>=0.3.5 <=0.3.15), com.barchart.jenkins:maven-release-cascade (>=1.0.0 <=1.3.2) +109 more potentially affected by CVE-2019-1003011 via org.jenkins-ci.plugins:token-macro (>=1.0 <=2.5)

org.jenkins-ci.plugins:token-macro MAVEN version =1.0, =0.3.5, =1.0.0, =1.14.1, =4.1.1, =1.7.2, =1.1.2, =0.18, =0.1, =2.5.8, =3.0, =1.0-alpha-1, =1.2.0-beta-1 and more Source cves: CVE-2019-1003011 Source advisory: OSV:GHSA-23H9-M55M-C5JP...

8.1CVSS6.7AI score0.02039EPSS
Exploits0
vulnersosv
vulnersosv
added 2022/04/23 12:40 a.m.7 views

com.buildcoin.plugins.jenkins:buildcoin-plugin (>=1.0 <=1.4), com.coravy.hudson.plugins.github:github (>=1.1 <=1.8) +99 more potentially affected by CVE-2012-0785 via org.jenkins-ci.main:jenkins-core (>=1.425 <=1.446)

org.jenkins-ci.main:jenkins-core MAVEN version =1.425, =1.0, =1.1, =0.3.2, =1.1, =1.0, =0.1, =1.1, =1.1, =0.2.5, =1.425, =1.425, =1.425, =1.425, =1.446 and more Source cves: CVE-2012-0785 Source advisory: OSV:GHSA-PCHP-C5W8-47GC...

7.8CVSS7.2AI score0.03351EPSS
Exploits0
prion
prion
added 2020/06/19 3:15 p.m.15 views

Design/Logic Flaw

An issue was discovered in Mattermost Plugins before 5.13.0. The GitHub plugin allows an attacker to attach his Mattermost account to a different person's GitHub account...

5CVSS7.5AI score0.00872EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2020/06/19 2:19 p.m.20 views

CVE-2019-20864

An issue was discovered in Mattermost Plugins before 5.13.0. The GitHub plugin allows an attacker to attach his Mattermost account to a different person's GitHub account...

7.5AI score0.00872EPSS
Exploits0References1
cnvd
cnvd
added 2018/07/09 12:0 a.m.6 views

CloudBees Jenkins GitHub Plugin Information Disclosure Vulnerability (CNVD-2018-12811)

CloudBees Jenkins is the United States CloudBees company's set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . GitHub Plugin is used in one of the...

8.8CVSS8.3AI score0.90894EPSS
Exploits0References1
redhatcve
redhatcve
added 2018/06/28 9:49 a.m.35 views

CVE-2018-1000600

A exposure of sensitive information vulnerability exists in Jenkins GitHub Plugin 1.29.1 and earlier in GitHubTokenCredentialsCreator.java that allows attackers to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in...

8.8CVSS3.8AI score0.90894EPSS
Exploits0References2
prion
prion
added 2018/06/26 5:29 p.m.19 views

Design/Logic Flaw

A exposure of sensitive information vulnerability exists in Jenkins GitHub Plugin 1.29.1 and earlier in GitHubTokenCredentialsCreator.java that allows attackers to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in...

4.3CVSS8.5AI score0.90894EPSS
Exploits0References1Affected Software1
osv
osv
added 2018/06/26 5:29 p.m.19 views

CVE-2018-1000600

A exposure of sensitive information vulnerability exists in Jenkins GitHub Plugin 1.29.1 and earlier in GitHubTokenCredentialsCreator.java that allows attackers to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in...

8.8CVSS8.6AI score
Exploits0References1
nvd
nvd
added 2018/06/26 5:29 p.m.24 views

CVE-2018-1000600

A exposure of sensitive information vulnerability exists in Jenkins GitHub Plugin 1.29.1 and earlier in GitHubTokenCredentialsCreator.java that allows attackers to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in...

8.8CVSS8.5AI score0.90894EPSS
Exploits0References1
cvelist
cvelist
added 2018/06/26 5:0 p.m.23 views

CVE-2018-1000600

A exposure of sensitive information vulnerability exists in Jenkins GitHub Plugin 1.29.1 and earlier in GitHubTokenCredentialsCreator.java that allows attackers to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in...

8.6AI score0.90894EPSS
Exploits0References1
cve
cve
added 2018/06/26 5:0 p.m.85 views

CVE-2018-1000600

CVE-2018-1000600 affects the Jenkins GitHub Plugin (versions ≤ 1.29.1). The accompanying Nuclei template describes a server-side request forgery (SSRF) vulnerability in GitHubTokenCredentialsCreator.java, enabling an attacker to use an attacker-specified URL and credentials IDs obtained via anoth...

8.8CVSS8.4AI score0.90894EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder