CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

OSV•added 2023/11/29 3:30 p.m.•19 views

GHSA-PH87-4X2G-6HP4 Jenkins NeuVector Vulnerability Scanner Plugin missing permission check

Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier does not perform a permission check in a connection test HTTP endpoint. This allows attackers with Overall/Read permission to connect to an attacker-specified hostname and port using attacker-specified username and password...

4.3CVSS4.8AI score0.00479EPSS

Exploits0References4

Prion•added 2023/11/29 2:15 p.m.•11 views

Default credentials

A missing permission check in Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified hostname and port using attacker-specified username and password...

4CVSS6.9AI score0.00479EPSS

Exploits0References2Affected Software1

Cvelist•added 2023/11/29 1:45 p.m.•18 views

CVE-2023-49674

5.1AI score0.00479EPSS

Exploits0References2

CNNVD•added 2023/11/29 12:0 a.m.•2 views

Jenkins Plugin NeuVector Vulnerability Scanner Plugin Security Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

8.8CVSS6.7AI score0.00447EPSS

Exploits0References2

Tenable Nessus•added 2023/04/13 12:0 a.m.•22 views

Jenkins Enterprise and Operations Center 2.346.x < 2.346.40.0.15 Multiple Vulnerabilities (CloudBees Security Advisory 2023-04-12)

The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.346.x prior to 2.346.40.0.15. It is, therefore, affected by multiple vulnerabilities including the following: - Jenkins Kubernetes Plugin 3909.v1f2c633e8590 and earlier does not properly mask i.e....

8.8CVSS5.9AI score0.0078EPSS

Exploits0References21

OSV•added 2022/10/19 7:0 p.m.•25 views

GHSA-WMFH-H3VM-RCXM Content-Security-Policy protection for user content disabled by Jenkins NeuVector Vulnerability Scanner Plugin

Jenkins sets the Content-Security-Policy header to static files served by Jenkins specifically DirectoryBrowserSupport, such as workspaces, /userContent, or archived artifacts, unless a Resource Root URL is specified. NeuVector Vulnerability Scanner Plugin 1.20 and earlier globally disables the...

8CVSS5.3AI score0.00639EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by