CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

vulnersOsv•added 2022/03/16 12:0 a.m.•1 views

org.jenkins-ci.plugins:azure-acs (>=0.1.0 <=0.2.4), org.jenkins-ci.plugins:azure-dev-spaces (>=3.0.0 <=3.0.3) potentially affected by CVE-2022-27210 via org.jenkins-ci.plugins:kubernetes-cd (>=0.1.0 <=0.2.3)

org.jenkins-ci.plugins:kubernetes-cd MAVEN version =0.1.0, =0.1.0, =3.0.0, =3.0.3 Source cves: CVE-2022-27210 Source advisory: OSV:GHSA-VQ6C-FVXW-P45V...

6.5CVSS6.5AI score0.00705EPSS

Exploits0

vulnersOsv•added 2022/03/16 12:0 a.m.•2 views

org.jenkins-ci.plugins:azure-acs (>=0.1.0 <=0.2.4), org.jenkins-ci.plugins:azure-dev-spaces (>=3.0.0 <=3.0.3) potentially affected by CVE-2022-27209 via org.jenkins-ci.plugins:kubernetes-cd (>=0.1.0 <=0.2.3)

org.jenkins-ci.plugins:kubernetes-cd MAVEN version =0.1.0, =0.1.0, =3.0.0, =3.0.3 Source cves: CVE-2022-27209 Source advisory: OSV:GHSA-23X5-J68G-6JPW...

6.5CVSS6.5AI score0.00887EPSS

Exploits0

OSV•added 2022/03/16 12:0 a.m.•21 views

GHSA-VQ6C-FVXW-P45V CSRF vulnerability in Jenkins kubernetes-cd Plugin allow capturing credentials

A cross-site request forgery CSRF vulnerability in Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

7.1CVSS6.7AI score0.00705EPSS

Exploits0References4

Github Security Blog•added 2022/03/16 12:0 a.m.•29 views

Missing permission checks in Jenkins kubernetes-cd Plugin allow enumerating credentials IDs

kubernetes-cd Plugin 2.3.1 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another...

6.5CVSS2.9AI score0.00887EPSS

Exploits0References4Affected Software1

vulnersOsv•added 2022/03/16 12:0 a.m.•3 views

org.jenkins-ci.plugins:azure-acs (>=0.1.0 <=0.2.4), org.jenkins-ci.plugins:azure-dev-spaces (>=3.0.0 <=3.0.3) potentially affected by CVE-2022-27211 via org.jenkins-ci.plugins:kubernetes-cd (>=0.1.0 <=0.2.3)

org.jenkins-ci.plugins:kubernetes-cd MAVEN version =0.1.0, =0.1.0, =3.0.0, =3.0.3 Source cves: CVE-2022-27211 Source advisory: OSV:GHSA-794J-HX96-4W3M...

6.5CVSS6.5AI score0.00887EPSS

Exploits0

vulnersOsv•added 2022/03/16 12:0 a.m.•2 views

org.jenkins-ci.plugins:azure-acs (>=0.1.0 <=0.2.4), org.jenkins-ci.plugins:azure-dev-spaces (>=3.0.0 <=3.0.3) potentially affected by CVE-2022-27208 via org.jenkins-ci.plugins:kubernetes-cd (>=0.1.0 <=0.2.3)

org.jenkins-ci.plugins:kubernetes-cd MAVEN version =0.1.0, =0.1.0, =3.0.0, =3.0.3 Source cves: CVE-2022-27208 Source advisory: OSV:GHSA-FPXQ-W7P9-R924...

6.5CVSS6.5AI score0.01764EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by