CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

RedHat Linux•added 2023/05/17 5:53 p.m.•3 views

jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be bypassed in Pipeline: Stage View Plugin

A Cross-site request forgery CSRF vulnerability was found in a Jenkins plugin. This issue may allow an authenticated attacker to access Jenkins builds, bypassing CSRF protections...

6.5CVSS5.7AI score0.00443EPSS

Exploits0References5

vulnersOsv•added 2023/05/16 6:30 p.m.•3 views

io.jenkins.blueocean:blueocean-pipeline-scm-api (>=1.27.4 <=1.27.5.1), io.jenkins.plugins:code-coverage-api (>=4.2.0 <=4.7.0) +12 more potentially affected by CVE-2023-32977 via org.jenkins-ci.plugins.workflow:workflow-job (>=0.1-beta-1 <=1292.v27d8cc3e2602)

org.jenkins-ci.plugins.workflow:workflow-job MAVEN version =0.1-beta-1, =1.27.4, =4.2.0, =1.17.vd2468d9c5e85, =0.1-beta-1, =1.14, =1.16.4 - org.jenkins-ci.plugins:gradle =2.12.0.1 - org.jenkins-ci.plugins:inline-pipeline =1.0.3 Source cves: CVE-2023-32977 Source advisory: OSV:GHSA-2WVV-PHHW-QVMC...

5.4CVSS6AI score0.00586EPSS

Exploits0

RedHat Linux•added 2023/03/06 9:1 a.m.•8 views

jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be bypassed in Pipeline: Stage View Plugin

A Cross-site request forgery CSRF vulnerability was found in a Jenkins plugin. This issue may allow an authenticated attacker to access Jenkins builds, bypassing CSRF protections...

6.5CVSS5.7AI score0.00443EPSS

Exploits0References5

RedHat Linux•added 2023/02/23 12:1 a.m.•5 views

jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be bypassed in Pipeline: Stage View Plugin

A Cross-site request forgery CSRF vulnerability was found in a Jenkins plugin. This issue may allow an authenticated attacker to access Jenkins builds, bypassing CSRF protections...

6.5CVSS5.7AI score0.00443EPSS

Exploits0References5

RedHat Linux•added 2023/02/08 6:41 p.m.•3 views

jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be bypassed in Pipeline: Stage View Plugin

A Cross-site request forgery CSRF vulnerability was found in a Jenkins plugin. This issue may allow an authenticated attacker to access Jenkins builds, bypassing CSRF protections...

6.5CVSS5.7AI score0.00443EPSS

Exploits0References5

vulnersOsv•added 2022/10/19 7:0 p.m.•2 views

net.praqma:memory-map (>=2.2.0 <=2.2.1), org.jenkins-ci.plugins.workflow:workflow-aggregator (>=2.1 <=2.4) +5 more potentially affected by CVE-2022-43408 via org.jenkins-ci.plugins.pipeline-stage-view:pipeline-stage-view (>=1.3 <=2.10)

org.jenkins-ci.plugins.pipeline-stage-view:pipeline-stage-view MAVEN version =1.3, =2.2.0, =2.1, =2.0.5, =1.0.0, =1.0.0, =1.0.2 Source cves: CVE-2022-43408 Source advisory: OSV:GHSA-G975-F26H-93G8...

6.5CVSS6.5AI score0.00443EPSS

Exploits0

Positive Technologies•added 2022/10/19 12:0 a.m.•4 views

PT-2022-26892 · Jenkins · Jenkins Pipeline: Stage View Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Pipeline: Stage View Plugin versions 2.26 and earlier Description: The issue arises from the incorrect encoding of the ID of input steps when generating URLs to proceed or abort Pipeline builds, allowing attackers who can configure...

8CVSS6.3AI score0.00443EPSS

Exploits0References7

CNNVD•added 2022/10/19 12:0 a.m.•2 views

Jenkins Plugin Pipeline:Stage View 跨站请求伪造漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

6.5CVSS6.5AI score0.00443EPSS

Exploits0References7

vulnersOsv•added 2022/02/16 12:1 a.m.•4 views

com.btc.ep:btc-embeddedplatform (>=1.9.2-beta <=2.5.9), com.qasymphony.ci.jenkins:qtest (>=1.3.0 <=1.4.6) +16 more potentially affected by CVE-2022-25178 via org.jenkins-ci.plugins.workflow:workflow-cps-global-lib (>=0.1-beta-5 <=2.17)

org.jenkins-ci.plugins.workflow:workflow-cps-global-lib MAVEN version =0.1-beta-5, =1.9.2-beta, =1.3.0, =1.0, =1.0, =1.0, =0.1-beta-5, =1.12.1, =2.2, =1.0.4, =0.1, =1.0, =2.3, =1.0, =1.5 and more Source cves: CVE-2022-25178 Source advisory: OSV:GHSA-5HFV-MG5X-MV32...

6.5CVSS6.5AI score0.01642EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by