19 matches found
EUVD-2021-1334
Malware in sbrugna...
EUVD-2022-5191
Malicious code in bioql PyPI...
EUVD-2022-3741
Malicious code in bioql PyPI...
CVE-2021-21654
Jenkins P4 Plugin 1.11.4 and earlier does not perform permission checks in multiple HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified Perforce server using attacker-specified username and password...
CVE-2021-21655
A cross-site request forgery CSRF vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password...
CVE-2020-2142
A missing permission check in Jenkins P4 Plugin 1.10.10 and earlier allows attackers with Overall/Read permission to trigger builds...
CVE-2020-2141
A cross-site request forgery vulnerability in Jenkins P4 Plugin 1.10.10 and earlier allows attackers to trigger builds or add a labels in Perforce...
GHSA-3RJ3-QP2J-4FJ2 Cross-Site Request Forgery in Jenkins P4 Plugin
A cross-site request forgery CSRF vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password. Jenkins P4 Plugin 1.11.5 requires POST requests for the affected HTTP endpoints...
CVE-2021-21655
A cross-site request forgery CSRF vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password...
CVE-2021-21654
Jenkins P4 Plugin 1.11.4 and earlier does not perform permission checks in multiple HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified Perforce server using attacker-specified username and password...
Default credentials
Jenkins P4 Plugin 1.11.4 and earlier does not perform permission checks in multiple HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified Perforce server using attacker-specified username and password...
CVE-2021-21655
A cross-site request forgery CSRF vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password...
Jenkins 跨站请求伪造漏洞
CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A cross-site request forgery...
CVE-2020-2142
A missing permission check in Jenkins P4 Plugin 1.10.10 and earlier allows attackers with Overall/Read permission to trigger builds...
Cross site request forgery (csrf)
A cross-site request forgery vulnerability in Jenkins P4 Plugin 1.10.10 and earlier allows attackers to trigger builds or add a labels in Perforce...
Information disclosure
A missing permission check in Jenkins P4 Plugin 1.10.10 and earlier allows attackers with Overall/Read permission to trigger builds...
CVE-2020-2141
Jenkins P4 Plugin ≤1.10.10 is affected by a cross-site request forgery vulnerability that lets an attacker trigger builds or add labels in Perforce. Root cause: the web app does not adequately validate request origin. Impact: CSRF with I=Low, UI interaction required; no confidentiality or availab...
CVE-2020-2141
A cross-site request forgery vulnerability in Jenkins P4 Plugin 1.10.10 and earlier allows attackers to trigger builds or add a labels in Perforce...
PT-2020-15353 · Jenkins · Jenkins P4 Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins P4 Plugin versions 1.10.10 and earlier Description: A missing permission check in the Jenkins P4 Plugin allows attackers with Overall/Read permission to trigger builds or add labels in the Perforce repository. Recommendations: For...