Lucene search
K

24 matches found

CNVD
CNVD
added 2018/12/11 12:0 a.m.5 views

CloudBees Jenkins Code Execution Vulnerability

CloudBees Jenkins formerly known as Hudson Labs is a Java-based continuous integration tool from CloudBees, Inc. It is mainly used to monitor continuous software releases/testing projects and a number of timed tasks.LTS Long-Term Support is a long-supported version of CloudBees Jenkins a long-ter...

10CVSS9.4AI score0.98326EPSS
Exploits5References1
Vulnrichment
Vulnrichment
added 2018/12/10 2:0 p.m.10 views

CVE-2018-1000861

A code execution vulnerability exists in the Stapler web framework used by Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in stapler/core/src/main/java/org/kohsuke/stapler/MetaClass.java that allows attackers to invoke some methods on Java objects by accessing crafted URLs that were not...

7.2AI score0.98326EPSS
Exploits5References4
RedhatCVE
RedhatCVE
added 2018/07/30 3:49 a.m.31 views

CVE-2018-1999007

A cross-site scripting vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in the Stapler web framework's org/kohsuke/stapler/Stapler.java that allows attackers with the ability to control the existence of some URLs in Jenkins to define JavaScript that would be executed in...

5.4CVSS2.1AI score0.00894EPSS
Exploits0References2
Prion
Prion
added 2018/07/23 7:29 p.m.20 views

Cross site scripting

A cross-site scripting vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in the Stapler web framework's org/kohsuke/stapler/Stapler.java that allows attackers with the ability to control the existence of some URLs in Jenkins to define JavaScript that would be executed in...

3.5CVSS6.3AI score0.00894EPSS
Exploits0References2Affected Software2
Rows per page
Query Builder