Lucene search
K

71 matches found

CNVD
CNVD
added 2020/11/05 12:0 a.m.6 views

CloudBees Jenkins Kubernetes Plugin Access Control Error Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . An access control error...

4.3CVSS6.9AI score0.01144EPSS
Exploits0References1
CNVD
CNVD
added 2020/11/05 12:0 a.m.2 views

CloudBees Jenkins Kubernetes Information Disclosure Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . An information disclosure...

4.3CVSS6.3AI score0.01213EPSS
Exploits0References1
NVD
NVD
added 2020/11/04 3:15 p.m.17 views

CVE-2020-2309

A missing/An incorrect permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

4.3CVSS4.4AI score0.01134EPSS
Exploits0References1
NVD
NVD
added 2020/11/04 3:15 p.m.33 views

CVE-2020-2308

A missing permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to list global pod template names...

4.3CVSS4.4AI score0.01144EPSS
Exploits0References1
OSV
OSV
added 2020/11/04 3:15 p.m.25 views

CVE-2020-2308

A missing permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to list global pod template names...

4.3CVSS6.3AI score
Exploits0References1
Prion
Prion
added 2020/11/04 3:15 p.m.25 views

Information disclosure

A missing permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to list global pod template names...

4CVSS5.5AI score0.01144EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2020/11/04 3:15 p.m.16 views

Information disclosure

A missing/An incorrect permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

4CVSS5.5AI score0.01134EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/11/04 2:35 p.m.24 views

CVE-2020-2309

A missing/An incorrect permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

4.9AI score0.01134EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/11/04 2:35 p.m.35 views

CVE-2020-2308

A missing permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to list global pod template names...

4.9AI score0.01144EPSS
Exploits0References1
CVE
CVE
added 2020/11/04 2:35 p.m.168 views

CVE-2020-2308

The CVE-2020-2308 issue is described in the Jenkins Kubernetes Plugin advisory (GHSA-RR6J-37CV-C7X7). It states that, prior to versions 1.27.4, 1.26.5, 1.25.4.1, and 1.21.6, the plugin does not perform a permission check on a Kubernetes HTTP endpoint, allowing attackers with Overall/Read permissi...

4.3CVSS4.5AI score0.01144EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/11/04 2:35 p.m.170 views

CVE-2020-2307

CVE-2020-2307 affects Jenkins Kubernetes Plugin (versions

4.3CVSS4.7AI score0.01213EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2020/11/04 12:0 a.m.3 views

PT-2020-15537 · Jenkins · Jenkins Kubernetes Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Kubernetes Plugin versions 1.27.3 and earlier Jenkins Kubernetes Plugin versions prior to 1.27.4 Jenkins Kubernetes Plugin versions prior to 1.26.5 Jenkins Kubernetes Plugin versions prior to 1.25.4.1 Jenkins Kubernetes Plugin version...

4.3CVSS4.4AI score0.01213EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2020/11/04 12:0 a.m.5 views

PT-2020-15538 · Jenkins · Jenkins Kubernetes Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Kubernetes Plugin versions 1.27.3 and earlier Jenkins Kubernetes Plugin versions prior to 1.27.4 Jenkins Kubernetes Plugin versions prior to 1.26.5 Jenkins Kubernetes Plugin versions prior to 1.25.4.1 Jenkins Kubernetes Plugin version...

4.3CVSS4.1AI score0.01144EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2020/07/02 12:0 a.m.5 views

PT-2020-15426 · Jenkins · Jenkins Elasticbox Jenkins Kubernetes Ci/Cd Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin versions 1.3 and earlier Description: The issue is related to the YAML parser configuration in the Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin, which allows the instantiation of...

8.8CVSS8.8AI score0.02282EPSS
Exploits0References7
OSV
OSV
added 2020/02/12 3:15 p.m.11 views

CVE-2020-2121

Jenkins Google Kubernetes Engine Plugin 0.8.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability...

8.8CVSS7.7AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2019/12/17 12:0 a.m.6 views

PT-2019-14730 · Jenkins · Jenkins Alauda Kubernetes Support Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Alauda Kubernetes Support Plugin versions 2.3.0 and earlier Description: A cross-site request forgery issue allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs, potentially capturing the...

8.8CVSS8.5AI score0.00863EPSS
Exploits0References5
CNVD
CNVD
added 2019/10/28 12:0 a.m.3 views

CloudBees Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin Cross-Site Request Forgery Vulnerability (CNVD-2019-38508)

CloudBees Jenkins Hudson Labs is a set of Java-based development of continuous integration tools from the U.S. company CloudBees. The product is mainly used to monitor continuous software version release/testing projects and some timed tasks.ElasticBox Jenkins Kubernetes CI/CD Plugin is used in...

8.8CVSS6.6AI score0.00678EPSS
Exploits0References1
CNVD
CNVD
added 2019/10/28 12:0 a.m.6 views

CloudBees Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin Access Privilege Vulnerability

CloudBees Jenkins Hudson Labs is a set of Java-based development of continuous integration tools from the U.S. company CloudBees. The product is mainly used to monitor continuous software version release/testing projects and some timed tasks.ElasticBox Jenkins Kubernetes CI/CD Plugin is used in...

6.5CVSS6.7AI score0.00836EPSS
Exploits0References1
CNVD
CNVD
added 2018/08/08 12:0 a.m.4 views

CloudBees Jenkins Kubernetes Plugin Information Disclosure Vulnerability (CNVD-2018-15088)

CloudBees Jenkins is a set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version release/testing projects and some timed tasks.Kubernetes Plugin is one of the dynamically configured using the Kubernetes cluster Jenkins agents The...

8.8CVSS8.4AI score0.01401EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2018/08/02 10:48 p.m.31 views

CVE-2018-1999040

An exposure of sensitive information vulnerability exists in Jenkins Kubernetes Plugin 1.10.1 and earlier in KubernetesCloud.java that allows attackers to capture credentials with a known credentials ID stored in Jenkins...

8.8CVSS3.6AI score0.01401EPSS
Exploits0References2
Rows per page
Query Builder