EUVD-2022-2369

Malicious code in bioql PyPI...

CVE-2022-36903

A missing permission check in Jenkins Repository Connector Plugin 2.2.0 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

CVE-2022-34195

Jenkins Repository Connector Plugin 2.2.0 and earlier does not escape the name and description of Maven Repository Artifact parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

CVE-2021-21618

Jenkins Repository Connector Plugin 2.0.2 and earlier does not escape parameter names and descriptions for past builds, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

The vulnerability of the Jenkins Repository Connector Plugin, related to deficiencies in the authentication process, allows attackers to disclose information about user identities.

The vulnerability of the Jenkins Repository Connector Plugin is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to obtain information about user identities remotely...

The vulnerability of the Jenkins Repository Connector Plugin, related to deficiencies in the authentication process, allows attackers to disclose sensitive information about the file system.

The vulnerability of the Jenkins Repository Connector Plugin is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to disclose sensitive information about the file system...

Jenkins Repository Connector Plugin does not perform a permission check in a method implementing form validation

Jenkins Repository Connector Plugin 2.2.0 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system. A sequence of...

CVE-2022-36903

A missing permission check in Jenkins Repository Connector Plugin 2.2.0 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

CVE-2022-36903

A missing permission check in Jenkins Repository Connector Plugin 2.2.0 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

CVE-2022-36904

Jenkins Repository Connector Plugin 2.2.0 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system...

CVE-2022-36903

A missing permission check in Jenkins Repository Connector Plugin 2.2.0 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

CVE-2022-36904

CVE-2022-36904 affects Jenkins Repository Connector Plugin 2.2.0 and earlier. The vulnerability is a missing permission check in a form-validation method, allowing attackers with Overall/Read to determine the existence of an attacker-specified file path on the Jenkins controller filesystem. Docum...

CVE-2022-36903

CVE-2022-36903 concerns Jenkins Repository Connector Plugin, version 2.2.0 and earlier, with a missing permission check in several HTTP endpoints. This allows attackers with Overall/Read permission to enumerate credentials IDs stored in Jenkins, constituting an information-disclosure risk. Public...

CVE-2022-36903

A missing permission check in Jenkins Repository Connector Plugin 2.2.0 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins...

PT-2022-4027 · Jenkins · Jenkins Repository Connector Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Repository Connector Plugin versions 2.2.0 and earlier Description: The issue is related to a missing permission check in the Jenkins Repository Connector Plugin, which is associated with authorization procedure deficiencies. This...

Jenkins Repository Connector Plugin 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

Cross-site Scripting in Jenkins Repository Connector Plugin

Jenkins Repository Connector Plugin 2.2.0 and earlier does not escape the name and description of Maven Repository Artifact parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission. Exploitation...

GHSA-438W-RJJ9-5FJF Cross-site Scripting in Jenkins Repository Connector Plugin

Jenkins Repository Connector Plugin 2.2.0 and earlier does not escape the name and description of Maven Repository Artifact parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission. Exploitation...

Cross site scripting

Jenkins Repository Connector Plugin 2.2.0 and earlier does not escape the name and description of Maven Repository Artifact parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

CVE-2022-34195

Jenkins Repository Connector Plugin 2.2.0 and earlier does not escape the name and description of Maven Repository Artifact parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...