Lucene search
K

141 matches found

CNNVD
CNNVD
added 2023/07/12 12:0 a.m.5 views

Jenkins Plugin ElasticBox CI 跨站请求伪造漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

8.8CVSS7.9AI score0.0051EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/07/12 12:0 a.m.4 views

Jenkins Plugin Sumologic Publisher 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

6.5CVSS6.5AI score0.00454EPSS
Exploits0References3
OSV
OSV
added 2023/06/14 1:15 p.m.1 views

CVE-2023-35149

A missing permission check in Jenkins Digital.ai App Management Publisher Plugin 2.6 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL, capturing credentials stored in Jenkins...

6.5CVSS5.8AI score0.00658EPSS
Exploits0References2
OSV
OSV
added 2023/05/16 5:15 p.m.1 views

CVE-2023-32999

A missing permission check in Jenkins AppSpider Plugin 1.0.15 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL and send an HTTP POST request with a JSON payload consisting of attacker-specified credentials...

4.3CVSS5.8AI score0.00509EPSS
Exploits0References1
OSV
OSV
added 2023/05/16 5:15 p.m.5 views

CVE-2023-32991

A cross-site request forgery CSRF vulnerability in Jenkins SAML Single Sign OnSSO Plugin 2.0.2 and earlier allows attackers to send an HTTP request to an attacker-specified URL and parse the response as XML, or parse a local file on the Jenkins controller as XML...

8.8CVSS7.3AI score0.00681EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/05/16 12:0 a.m.6 views

PT-2023-24124 · Jenkins · Jenkins Saml Single Sign On(Sso) Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins SAML Single Sign OnSSO Plugin versions 2.0.2 and earlier Description: The issue is related to missing permission checks in the Jenkins SAML Single Sign OnSSO Plugin, allowing attackers with Overall/Read permission to send an HTTP...

8.8CVSS8.4AI score0.00832EPSS
Exploits0References6
OSV
OSV
added 2023/04/12 6:15 p.m.4 views

CVE-2023-30526

A missing permission check in Jenkins Report Portal Plugin 0.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified bearer token authentication...

6.5CVSS6.6AI score0.00542EPSS
Exploits0References2
OSV
OSV
added 2023/04/12 6:15 p.m.4 views

CVE-2023-30525

A cross-site request forgery CSRF vulnerability in Jenkins Report Portal Plugin 0.5 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified bearer token authentication...

8.8CVSS7.2AI score0.0078EPSS
Exploits0References2
OSV
OSV
added 2023/01/26 9:18 p.m.2 views

CVE-2023-24438

A missing permission check in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkin...

6.5CVSS5.8AI score0.00769EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/08/10 12:0 a.m.6 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager AEM is a content management solution from Adobe that can be used to build websites, mobile applications, and forms. A cross-site scripting vulnerability exists in Adobe Experience Manager Core Components 2.20.6 and prior versions, which originates when a victim accesses a...

5.4CVSS5.9AI score0.00578EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/07/27 3:15 p.m.3 views

CVE-2022-36920

A cross-site request forgery CSRF vulnerability in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.8CVSS5.6AI score0.00499EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/07/27 12:0 a.m.6 views

Jenkins OpenShift Deployer Plugin 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability ...

6.5CVSS6.5AI score0.00668EPSS
Exploits0References6
CNNVD
CNNVD
added 2022/07/27 12:0 a.m.3 views

Jenkins OpenShift Deployer Plugin 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

6.5CVSS6.6AI score0.00699EPSS
Exploits0References6
CNNVD
CNNVD
added 2022/07/27 12:0 a.m.4 views

Jenkins OpenShift Deployer Plugin 跨站请求伪造漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A cross-site request...

6.5CVSS6.4AI score0.00479EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2022/06/30 6:15 p.m.3 views

CVE-2022-34797

A cross-site request forgery CSRF vulnerability in Jenkins Deployment Dashboard Plugin 1.0.10 and earlier allows attackers to connect to an attacker-specified HTTP URL using attacker-specified credentials...

4.3CVSS5.8AI score0.00558EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/06/30 12:0 a.m.3 views

PT-2022-22346 · Jenkins · Jenkins Recipe Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Recipe Plugin versions 1.2 and earlier Description: The issue is related to missing permission checks in the Jenkins Recipe Plugin, allowing attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL a...

7.1CVSS6.2AI score0.00605EPSS
Exploits0References6
OSV
OSV
added 2022/06/23 5:15 p.m.2 views

CVE-2022-34212

A missing permission check in Jenkins vRealize Orchestrator Plugin 3.0 and earlier allows attackers with Overall/Read permission to send an HTTP POST request to an attacker-specified URL...

5.7CVSS6.4AI score0.00619EPSS
Exploits0References1
OSV
OSV
added 2022/06/23 5:15 p.m.2 views

CVE-2022-34211

A cross-site request forgery CSRF vulnerability in Jenkins vRealize Orchestrator Plugin 3.0 and earlier allows attackers to send an HTTP POST request to an attacker-specified URL...

6.5CVSS6.4AI score0.00468EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/06/22 12:0 a.m.3 views

PT-2022-22075 · Jenkins · Jenkins Jianliao Notification Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Jianliao Notification Plugin versions 1.1 and earlier Description: A cross-site request forgery CSRF issue allows attackers to send HTTP POST requests to an attacker-specified URL. This can be exploited by attackers to perform...

6.5CVSS6.2AI score0.00468EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/06/22 12:0 a.m.3 views

Jenkins Plugin Jianliao Notification 跨站请求伪造漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. POST requests to an attacker-specified URL...

6.5CVSS5.6AI score0.00468EPSS
Exploits0References4
Rows per page
Query Builder