
20 matches found

Tenable Nessus
added 2026/05/06 12:0 a.m. · 10 views

RHCOS 3 : OpenShift Container Platform 3.11 (RHSA-2020:3541)

The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3541 advisory. - jenkins-jira-plugin: plugin information disclosure CVE-2019-16541 - openshift-ansible: cors allowed origin allows changing url...

9.9 CVSS · 5.8 AI score · 0.01647 EPSS
Exploits 1 · References 22
Tenable Nessus
added 2026/05/06 12:0 a.m. · 15 views

RHCOS 4 : OpenShift Container Platform 4.6.1 (RHSA-2020:4297)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4297 advisory. - jenkins-jira-plugin: plugin information disclosure CVE-2019-16541 - jenkins-2-plugins/mailer: Missing hostname validation in Maile...

9.9 CVSS · 7.4 AI score · 0.0473 EPSS
Exploits 0 · References 20
RedhatCVE
added 2026/01/09 12:35 p.m. · 7 views

CVE-2023-49653

Jenkins Jira Plugin 3.11 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Item/Configure permission to access and capture credentials they are not entitled to...

6.5 CVSS · 6.6 AI score · 0.0061 EPSS
Exploits 0 · References 1
EUVD
added 2025/10/03 8:7 p.m. · 10 views

EUVD-2022-3327

Malicious code in bioql PyPI...

9.9 CVSS · 8.9 AI score · 0.01647 EPSS
Exploits 0 · References 8
EUVD
added 2025/10/03 8:7 p.m. · 6 views

EUVD-2022-3816

Malicious code in bioql PyPI...

8.8 CVSS · 8.5 AI score · 0.01194 EPSS
Exploits 0 · References 4
EUVD
added 2025/10/03 8:7 p.m. · 5 views

EUVD-2023-3018

Malicious code in bioql PyPI...

6.5 CVSS · 6.5 AI score · 0.0061 EPSS
Exploits 0 · References 3
BDU FSTEC
added 2023/12/01 12:0 a.m. · 4 views

The vulnerability of the Jenkins JIRA plugin, related to deficiencies in access control, allows an intruder to gain unauthorized access to protected information.

The vulnerability of the Jenkins JIRA plugin is related to deficiencies in access control, resulting from incorrect context determination for searching user credentials. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

4.3 CVSS · 6.5 AI score · 0.0061 EPSS
Exploits 0 · References 3 · Affected Software 1
Vulnrichment
added 2023/01/24 12:0 a.m. · 6 views

CVE-2023-24438

A missing permission check in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkin...

6.7 AI score · 0.00769 EPSS
Exploits 0 · References 1
RedHat Linux
added 2022/05/18 12:3 p.m. · 4 views

Jira: Stored XSS vulnerabilities in Jenkins Jira plugin

A flaw was found in the Jenkins Jira plugin. The Jenkins Jira plugin does not escape the name and description of a Jira Issue and Jira Release Version parameters on views displaying parameters. This issue results in a stored Cross-site scripting (XSS) vulnerability exploitable by attackers with...

5.4 CVSS · 5.7 AI score · 0.00825 EPSS
Exploits 0 · References 5
RedHat Linux
added 2022/05/02 6:23 p.m. · 5 views

Jira: Stored XSS vulnerabilities in Jenkins Jira plugin

A flaw was found in the Jenkins Jira plugin. The Jenkins Jira plugin does not escape the name and description of a Jira Issue and Jira Release Version parameters on views displaying parameters. This issue results in a stored Cross-site scripting (XSS) vulnerability exploitable by attackers with...

5.4 CVSS · 5.7 AI score · 0.00825 EPSS
Exploits 0 · References 5
NVD
added 2022/04/12 8:15 p.m. · 20 views

CVE-2022-29041

Jenkins Jira Plugin 3.7 and earlier, except 3.6.1, does not escape the name and description of Jira Issue and Jira Release Version parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission...

5.4 CVSS · 0.00825 EPSS
Exploits 0 · References 1
ATTACKERKB
added 2022/04/12 8:15 p.m. · 5 views

CVE-2022-29041

Jenkins Jira Plugin 3.7 and earlier, except 3.6.1, does not escape the name and description of Jira Issue and Jira Release Version parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission...

5.4 CVSS · 6 AI score · 0.00825 EPSS
Exploits 0 · References 2
Positive Technologies
added 2022/04/12 12:0 a.m. · 4 views

PT-2022-19381 · Jenkins · Jenkins Jira Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Jira Plugin versions 3.7 and earlier, except version 3.6.1 Description: The issue is related to a stored cross-site scripting (XSS) vulnerability. It occurs because the Jenkins Jira Plugin does not escape the name and description of Jir...

5.4 CVSS · 5.1 AI score · 0.00825 EPSS
Exploits 0 · References 7
CNNVD
added 2022/04/12 12:0 a.m. · 4 views

Jenkins Jira Plugin Cross-Site Scripting Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. Jenkins Plugin is an application that suffers from a cross-site scripting vulnerability that stems from the application not escaping the names and descriptions of the Jira Issue and Jira Release Version...

5.4 CVSS · 5.3 AI score · 0.00825 EPSS
Exploits 0 · References 7
ATTACKERKB
added 2022/03/29 1:15 p.m. · 2 views

CVE-2022-28136

A cross-site request forgery (CSRF) vulnerability in Jenkins JiraTestResultReporter Plugin 165.v817928553942 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials...

8.8 CVSS · 5.8 AI score · 0.00689 EPSS
Exploits 0 · References 3
RedHat Linux
added 2020/10/27 2:53 p.m. · 4 views

jenkins-jira-plugin: plugin information disclosure

Jenkins JIRA Plugin 3.0.10 and earlier does not declare the correct folder scope for per-folder Jira site definitions, allowing users to select and use credentials with System scope...

9.9 CVSS · 5.7 AI score · 0.01647 EPSS
Exploits 0 · References 5
RedHat Linux
added 2020/10/27 2:53 p.m. · 96 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.6.1 package security update

An update for jenkins-2-plugins, openshift-clients, podman, runc, and skopeo is now available for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a...

9.9 CVSS · 6.7 AI score · 0.0473 EPSS
Exploits 0 · References 9
Veracode
added 2020/08/28 2:13 a.m. · 26 views

Information Disclosure

jenkins-jira-plugin is vulnerable to information disclosure. The scope for per-folder Jira site definitions is not properly declared, allowing users to select and use credentials with System scope...

9.9 CVSS · 3.2 AI score · 0.01647 EPSS
Exploits 0 · References 4 · Affected Software 8
BDU FSTEC
added 2020/01/27 12:0 a.m. · 5 views

The vulnerability of the Jenkins JIRA plugin, related to deficiencies in the separation of controlled areas within the system, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Jenkins JIRA plugin is related to deficiencies in the system’s controlled areas. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

9.9 CVSS · 7.1 AI score · 0.01647 EPSS
Exploits 0 · References 3 · Affected Software 1
Positive Technologies
added 2019/11/21 12:0 a.m. · 6 views

PT-2019-4454 · Jenkins · Jenkins Jira Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins JIRA Plugin versions 3.0.10 and earlier Description: The issue is related to the incorrect declaration of the scope for per-folder Jira site definitions, allowing users to select and use credentials with System scope. This can lead to...

9.9 CVSS · 9.1 AI score · 0.01647 EPSS
Exploits 0 · References 9