Lucene search
K

252 matches found

Snyk
Snyk
added 2026/06/25 6:7 a.m.5 views

Unsafe Dependency Resolution

Overview org.jenkins-ci.plugins:script-security is a package that allows Jenkins administrators to control what in-process scripts can be run by less-privileged users. Affected versions of this package are vulnerable to Unsafe Dependency Resolution via Groovy AST transformation annotations during...

8.5CVSS6.2AI score0.00594EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.5 views

Jenkins plugins Multiple Vulnerabilities (2026-06-24)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Jenkins OWASP ZAP Plugin 1.0.7 and earlier performs build operations on the Jenkins controller rather than the assigned agent, allowing...

8.8CVSS6.3AI score0.00595EPSS
Exploits0References29
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.13 views

RHCOS 3 : OpenShift Container Platform 3.11 jenkins-2-plugins (RHSA-2020:2478)

The remote Red Hat Enterprise Linux CoreOS 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2478 advisory. - jenkins-git-client-plugin: OS command injection via 'git ls-remote' CVE-2019-10392 - jenkins-script-security-plugin: sandbox...

8.8CVSS6.2AI score0.25779EPSS
Exploits1References18
Github Security Blog
Github Security Blog
added 2026/04/29 3:30 p.m.23 views

Jenkins Script Security Plugin: Missing permission checks allow enumeration of pending and approved classpaths

Jenkins Script Security Plugin versions 1399.ve6a66547f6e1 and earlier do not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to enumerate pending and approved Script Security classpaths. Script Security Plugin 1402.v94c9ce464861 requires...

4.3CVSS5.8AI score0.00174EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/04/29 2:16 p.m.43 views

CVE-2026-42519

A missing permission check in Jenkins Script Security Plugin 1399.ve6a66547f6e1 and earlier allows attackers with Overall/Read permission to enumerate pending and approved Script Security classpaths...

4.3CVSS0.00174EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/29 1:31 p.m.38 views

EUVD-2026-26220

A missing permission check in Jenkins Script Security Plugin 1399.ve6a66547f6e1 and earlier allows attackers with Overall/Read permission to enumerate pending and approved Script Security classpaths...

4.3CVSS5.2AI score0.00174EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/29 1:31 p.m.4 views

CVE-2026-42519

A missing permission check in Jenkins Script Security Plugin 1399.ve6a66547f6e1 and earlier allows attackers with Overall/Read permission to enumerate pending and approved Script Security classpaths...

4.3CVSS5.2AI score0.00174EPSS
Exploits0References2
CVE
CVE
added 2026/04/29 1:31 p.m.49 views

CVE-2026-42519

The provided documents describe CVE-2026-42519 as a vulnerability in the Jenkins Script Security Plugin (version 1399.ve6a_66547f6e1 and earlier). The root cause is a missing permission check that permits users with Overall/Read permission to enumerate pending and approved Script Security classpa...

4.3CVSS5.2AI score0.00174EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/04/29 1:31 p.m.80 views

CVE-2026-42519

A missing permission check in Jenkins Script Security Plugin 1399.ve6a66547f6e1 and earlier allows attackers with Overall/Read permission to enumerate pending and approved Script Security classpaths...

0.00174EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.7 views

PT-2026-35913

A missing permission check in Jenkins Script Security Plugin 1399.ve6a 66547f6e1 and earlier allows attackers with Overall/Read permission to enumerate pending and approved Script Security classpaths...

4.3CVSS5.2AI score0.00174EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-5137

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.01013EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-4677

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.01639EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-4100

Malicious code in bioql PyPI...

8.8CVSS8.8AI score0.01204EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-4680

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.025EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-3365

Malicious code in bioql PyPI...

4.9CVSS4.7AI score0.01047EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-4221

Malicious code in bioql PyPI...

4.9CVSS4.7AI score0.01047EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-2891

Malicious code in bioql PyPI...

9.9CVSS9AI score0.02698EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-2690

Malicious code in bioql PyPI...

8.8CVSS8.5AI score0.01428EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-4465

Malicious code in bioql PyPI...

4.9CVSS4.7AI score0.01047EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-7052

Malicious code in bioql PyPI...

9.9CVSS9.1AI score0.01211EPSS
Exploits0References7
Rows per page
Query Builder