Lucene search
K

23 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-3617

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.01041EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-5578

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.01151EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 4:12 a.m.9 views

CVE-2019-1003008

A cross-site request forgery vulnerability exists in Jenkins Warnings Next Generation Plugin 2.1.1 and earlier in src/main/java/io/jenkins/plugins/analysis/warnings/groovy/GroovyParser.java that allows attackers to execute arbitrary code via a form validation HTTP endpoint...

8.8CVSS7.5AI score0.01151EPSS
Exploits0References1
OSV
OSV
added 2022/05/24 5:29 p.m.3 views

GHSA-CCR8-4XR7-CGJ3 Sandbox bypass vulnerability in Jenkins Script Security Plugin

Jenkins Script Security Plugin provides a sandbox feature that allows low privileged users to define scripts, including Pipelines, that are generally safe to execute. Calls to code defined inside a sandboxed script are intercepted, and various allowlists are checked to determine whether the call ...

9.9CVSS6.2AI score0.02126EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2022/05/24 5:29 p.m.34 views

Sandbox bypass vulnerability in Jenkins Script Security Plugin

Jenkins Script Security Plugin provides a sandbox feature that allows low privileged users to define scripts, including Pipelines, that are generally safe to execute. Calls to code defined inside a sandboxed script are intercepted, and various allowlists are checked to determine whether the call ...

9.9CVSS9.3AI score0.02126EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2022/05/13 1:31 a.m.23 views

GHSA-CQP7-HWM3-CFG7 XSS vulnerability in Jenkins Warnings Next Generation Plugin

A cross-site scripting vulnerability exists in Jenkins Warnings Next Generation Plugin 1.0.1 and earlier in src/main/java/io/jenkins/plugins/analysis/core/model/DetailsTableModel.java, src/main/java/io/jenkins/plugins/analysis/core/model/SourceDetail.java,...

6.1CVSS6AI score0.01041EPSS
Exploits0References2
NVD
NVD
added 2022/01/12 8:15 p.m.14 views

CVE-2022-23107

Jenkins Warnings Next Generation Plugin 9.10.2 and earlier does not restrict the name of a file when configuring custom ID, allowing attackers with Item/Configure permission to write and read specific files with a hard-coded suffix on the Jenkins controller file system...

8.1CVSS0.01886EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/01/12 8:15 p.m.6 views

CVE-2022-23107

Jenkins Warnings Next Generation Plugin 9.10.2 and earlier does not restrict the name of a file when configuring custom ID, allowing attackers with Item/Configure permission to write and read specific files with a hard-coded suffix on the Jenkins controller file system...

8.1CVSS5.8AI score0.01886EPSS
Exploits0References3
CVE
CVE
added 2022/01/12 7:6 p.m.103 views

CVE-2022-23107

Jenkins Warnings Next Generation Plugin 9.10.2 and earlier is vulnerable: it does not restrict the filename when configuring a custom ID, allowing attackers with Item/Configure permission to write and read specific files with a hard-coded suffix on the Jenkins controller filesystem. Remediation p...

8.1CVSS7.7AI score0.01886EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2022/01/12 12:0 a.m.7 views

Jenkins Warnings Next Generation 路径遍历漏洞

Jenkins Warnings Next Generation is Jenkins an open source application plugin . The plugin is used to collect compiler warnings or static analysis tools to report problems and visualize the results . A security vulnerability exists in Jenkins Warnings Next Generation Plugin that allows an attacke...

8.1CVSS7.7AI score0.01886EPSS
Exploits0References6
CNVD
CNVD
added 2021/03/22 12:0 a.m.7 views

CloudBees Jenkins Warnings Next Generation Plugin Improper Privileges Vulnerability

Jenkins Warnings Next Generation is Jenkins open source an application plugin . The plug-in is used to collect compiler warnings or static analysis tools to report problems and visualize the results . A privilege impropriety vulnerability exists in Jenkins Warnings Next Generation Plugin version...

4.3CVSS6.5AI score0.00857EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/03/18 1:35 p.m.21 views

CVE-2021-21626

Jenkins Warnings Next Generation Plugin 8.4.4 and earlier does not perform a permission check in methods implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match...

5.2AI score0.00857EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/03/18 12:0 a.m.4 views

Jenkins Warnings Next Generation 安全漏洞

Jenkins Warnings Next Generation is Jenkins open source an application plugin . The plug-in is used to collect compiler warnings or static analysis tools to report problems and visualize the results . A privilege impropriety vulnerability exists in Jenkins Warnings Next Generation Plugin version...

4.3CVSS5.7AI score0.00857EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2021/03/18 12:0 a.m.3 views

PT-2021-14669 · Jenkins · Jenkins Warnings Next Generation Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Warnings Next Generation Plugin versions 8.4.4 and earlier Description: The issue allows attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns mat...

4.3CVSS4.3AI score0.00857EPSS
Exploits0References6
OSV
OSV
added 2019/02/06 4:29 p.m.16 views

CVE-2019-1003023

A cross-site scripting vulnerability exists in Jenkins Warnings Next Generation Plugin 1.0.1 and earlier in src/main/java/io/jenkins/plugins/analysis/core/model/DetailsTableModel.java, src/main/java/io/jenkins/plugins/analysis/core/model/SourceDetail.java,...

6.1CVSS6.1AI score
Exploits0References1
NVD
NVD
added 2019/02/06 4:29 p.m.18 views

CVE-2019-1003023

A cross-site scripting vulnerability exists in Jenkins Warnings Next Generation Plugin 1.0.1 and earlier in src/main/java/io/jenkins/plugins/analysis/core/model/DetailsTableModel.java, src/main/java/io/jenkins/plugins/analysis/core/model/SourceDetail.java,...

6.1CVSS6AI score0.01041EPSS
Exploits0References1
OSV
OSV
added 2019/02/06 4:29 p.m.16 views

CVE-2019-1003008

A cross-site request forgery vulnerability exists in Jenkins Warnings Next Generation Plugin 2.1.1 and earlier in src/main/java/io/jenkins/plugins/analysis/warnings/groovy/GroovyParser.java that allows attackers to execute arbitrary code via a form validation HTTP endpoint...

8.8CVSS7.5AI score
Exploits0References1
NVD
NVD
added 2019/02/06 4:29 p.m.19 views

CVE-2019-1003008

A cross-site request forgery vulnerability exists in Jenkins Warnings Next Generation Plugin 2.1.1 and earlier in src/main/java/io/jenkins/plugins/analysis/warnings/groovy/GroovyParser.java that allows attackers to execute arbitrary code via a form validation HTTP endpoint...

8.8CVSS8.8AI score0.01151EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/02/06 4:0 p.m.30 views

CVE-2019-1003008

A cross-site request forgery vulnerability exists in Jenkins Warnings Next Generation Plugin 2.1.1 and earlier in src/main/java/io/jenkins/plugins/analysis/warnings/groovy/GroovyParser.java that allows attackers to execute arbitrary code via a form validation HTTP endpoint...

8.9AI score0.01151EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/02/06 4:0 p.m.23 views

CVE-2019-1003023

A cross-site scripting vulnerability exists in Jenkins Warnings Next Generation Plugin 1.0.1 and earlier in src/main/java/io/jenkins/plugins/analysis/core/model/DetailsTableModel.java, src/main/java/io/jenkins/plugins/analysis/core/model/SourceDetail.java,...

6AI score0.01041EPSS
Exploits0References1
Rows per page
Query Builder