CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

26 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2013-4351

Malware in sbrugna...

9.8CVSS9.2AI score0.00501EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-2693

Malicious code in bioql PyPI...

5.3CVSS5.6AI score0.00109EPSS

Exploits0References4

vulnersOsv•added 2025/01/15 6:56 p.m.•3 views

at.porscheinformatik.zanata:common (>=4.7.0 <=4.7.8), at.porscheinformatik.zanata:stub-server (>=4.7.0 <=4.7.8) +455 more potentially affected by CVE-2023-0482 via org.jboss.resteasy:resteasy-multipart-provider (>=2.0-RC1 <=3.15.3.Final)

org.jboss.resteasy:resteasy-multipart-provider MAVEN version =2.0-RC1, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =1.0.0, =0.2.0, =0.10.5-experimental and more Source cves: CVE-2023-0482 Source advisory: OSV:GHSA-2C6G-PFX3-W7H8...

5.5CVSS6.7AI score0.0005EPSS

Exploits0

Github Security Blog•added 2023/10/25 6:32 p.m.•18 views

Non-constant time webhook token hash comparison in Jenkins Zanata Plugin

Jenkins Zanata Plugin 0.6 and earlier does not use a constant-time comparison when checking whether the provided and expected webhook token hashes are equal. This could potentially allow attackers to use statistical methods to obtain a valid webhook token. As of publication of this advisory, ther...

5.3CVSS5.2AI score0.00109EPSS

Exploits0References4Affected Software1

OSV•added 2023/10/25 6:32 p.m.•12 views

GHSA-86J9-25M2-9W97 Non-constant time webhook token hash comparison in Jenkins Zanata Plugin

3.7CVSS5.5AI score0.00109EPSS

Exploits0References4

OSV•added 2023/10/25 6:17 p.m.•1 views

CVE-2023-46660

Jenkins Zanata Plugin 0.6 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token hashes are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...

5.3CVSS5.8AI score0.00109EPSS

Exploits0References2

NVD•added 2023/10/25 6:17 p.m.•9 views

CVE-2023-46660

5.3CVSS6AI score0.00109EPSS

Exploits0References2

Prion•added 2023/10/25 6:17 p.m.•24 views

Code injection

5CVSS5.1AI score0.00109EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2023/10/25 1:45 p.m.•15 views

CVE-2023-46660

6.9AI score0.00109EPSS

Exploits0References2

CVE•added 2023/10/25 1:45 p.m.•48 views

CVE-2023-46660

Summary: CVE-2023-46660 affects Jenkins Zanata Plugin prior to 0.7 (0.6 and earlier) and is due to a non-constant time comparison when verifying webhook token hashes. This vulnerable check could enable attackers to use statistical methods to obtain a valid webhook token, as stated in multiple sou...

5.3CVSS5.1AI score0.00109EPSS

Exploits0References2Affected Software1

Cvelist•added 2023/10/25 1:45 p.m.•18 views

CVE-2023-46660

5.9AI score0.00109EPSS

Exploits0References2

Positive Technologies•added 2023/10/25 12:0 a.m.•3 views

PT-2023-30147 · Jenkins · Jenkins Zanata Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Zanata Plugin versions 0.6 and earlier Description: The issue is related to the use of a non-constant time comparison function when checking whether the provided and expected webhook token hashes are equal. This potentially allows...

5.3CVSS4.9AI score0.00109EPSS

Exploits0References6

CNNVD•added 2023/10/25 12:0 a.m.•2 views

Jenkins Plugin Zanata Security Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

5.3CVSS6.6AI score0.00109EPSS

Exploits0References3

vulnersOsv•added 2022/05/24 10:1 p.m.•2 views

at.porscheinformatik.zanata:common (>=4.7.0 <=4.7.8), at.porscheinformatik.zanata:stub-server (>=4.7.0 <=4.7.8) +516 more potentially affected by CVE-2020-1695 via org.jboss.resteasy:resteasy-client (>=3.0.0.Final <=3.11.5.Final)

org.jboss.resteasy:resteasy-client MAVEN version =3.0.0.Final, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =1.1.9, =1.0.0.Final, =1.0.3.Final and more Source cves: CVE-2020-1695 Source advisory: OSV:GHSA-63CQ-PPQ8-CW6G...

7.5CVSS7AI score0.00366EPSS

Exploits0

vulnersOsv•added 2022/05/17 2:49 a.m.•3 views

at.porscheinformatik.zanata:common (>=4.7.0 <=4.7.8), at.porscheinformatik.zanata:stub-server (>=4.7.0 <=4.7.8) +337 more potentially affected by CVE-2016-6348 via org.jboss.resteasy:resteasy-client (>=3.0-beta-1 <=3.0.1.Final)

org.jboss.resteasy:resteasy-client MAVEN version =3.0-beta-1, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =1.1.11, =1.1.11, =1.3.2 and more Source cves: CVE-2016-6348 Source advisory: OSV:GHSA-9XFC-J5MF-9W5P...

6.1CVSS6.6AI score0.00132EPSS

Exploits0

vulnersOsv•added 2022/05/17 2:48 a.m.•3 views

at.porscheinformatik.zanata:common (>=4.7.0 <=4.7.8), at.porscheinformatik.zanata:stub-server (>=4.7.0 <=4.7.8) +337 more potentially affected by CVE-2016-6347 via org.jboss.resteasy:resteasy-client (>=3.0-beta-1 <=3.0.1.Final)

6.1CVSS6.6AI score0.00093EPSS

Exploits0

vulnersOsv•added 2022/05/14 1:3 a.m.•1 views

at.porscheinformatik.zanata:common (>=4.7.0 <=4.7.8), at.porscheinformatik.zanata:stub-server (>=4.7.0 <=4.7.8) +1328 more potentially affected by CVE-2016-6346 via org.jboss.resteasy:resteasy-jaxrs (>=1.1.GA <=3.0.1.Final)

org.jboss.resteasy:resteasy-jaxrs MAVEN version =1.1.GA, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =1.0.0, =1.2.0 - biz.paluch.visualizr:visualizr =1.0 - br.com.esec.icpm:certillion-client-library-resteasy-plugin =1.1.10 and more Source cves:...

7.5CVSS7.1AI score0.01184EPSS

Exploits0

vulnersOsv•added 2021/06/03 11:41 p.m.•1 views

at.porscheinformatik.zanata:common (>=4.7.0 <=4.7.8), at.porscheinformatik.zanata:stub-server (>=4.7.0 <=4.7.8) +733 more potentially affected by CVE-2020-25633 via org.jboss.resteasy:resteasy-client (>=3.0-beta-1 <=3.13.2.Final)

org.jboss.resteasy:resteasy-client MAVEN version =3.0-beta-1, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =1.0.0, =1.3.0 - be.valuya:ovh-sms-client =1.0 - br.com.anteros:Anteros-Keycloak =1.0.0 and more Source cves: CVE-2020-25633 Source advisor...

5.3CVSS6.7AI score0.00193EPSS

Exploits0

vulnersOsv•added 2020/06/15 7:57 p.m.•5 views

am.ik.home:uaa-server (>=1.0.0 <=1.2.0), at.porscheinformatik.zanata:common (>=4.7.0 <=4.7.8) +2713 more potentially affected by CVE-2017-7536 via org.hibernate:hibernate-validator (>=5.2.0.Alpha1 <=5.2.4.Final)

org.hibernate:hibernate-validator MAVEN version =5.2.0.Alpha1, =1.0.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =4.7.0, =1, =1, =10 and more Source cves: CVE-2017-7536 Source advisory: OSV:GHSA-XXGP-PCFC-3VGC...

7CVSS6.8AI score0.00127EPSS

Exploits0

NVD•added 2019/12/03 3:15 p.m.•12 views

CVE-2013-4486

Zanata 3.0.0 through 3.1.2 has RCE due to EL interpolation in logging...

9.8CVSS9.4AI score0.00501EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by