Lucene search
K

7 matches found

OSV
OSV
added 2022/10/19 7:0 p.m.22 views

GHSA-PX4X-HJM5-W8X3 Content-Security-Policy protection for user content disabled by Jenkins XFramium Builder Plugin

Jenkins sets the Content-Security-Policy header to static files served by Jenkins specifically DirectoryBrowserSupport, such as workspaces, /userContent, or archived artifacts, unless a Resource Root URL is specified. XFramium Builder Plugin 1.0.22 and earlier globally disables the...

8.8CVSS4.6AI score0.00542EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/10/19 7:0 p.m.33 views

Content-Security-Policy protection for user content disabled by Jenkins XFramium Builder Plugin

Jenkins sets the Content-Security-Policy header to static files served by Jenkins specifically DirectoryBrowserSupport, such as workspaces, /userContent, or archived artifacts, unless a Resource Root URL is specified. XFramium Builder Plugin 1.0.22 and earlier globally disables the...

4.3CVSS4.8AI score0.00542EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2022/10/19 4:15 p.m.38 views

CVE-2022-43432

Jenkins XFramium Builder Plugin 1.0.22 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download...

4.3CVSS0.00542EPSS
Exploits0References2
Prion
Prion
added 2022/10/19 4:15 p.m.20 views

Design/Logic Flaw

Jenkins XFramium Builder Plugin 1.0.22 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download...

4CVSS4.6AI score0.00542EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/10/19 12:0 a.m.30 views

CVE-2022-43432

Jenkins XFramium Builder Plugin 1.0.22 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download...

4.9AI score0.00542EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/10/19 12:0 a.m.6 views

CVE-2022-43432

Jenkins XFramium Builder Plugin 1.0.22 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download...

4.6AI score0.00542EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/10/19 12:0 a.m.3 views

Jenkins XFramium Builder Plugin 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

4.3CVSS5.2AI score0.00542EPSS
Exploits0References5
Rows per page
Query Builder