Lucene search
K

300 matches found

ATTACKERKB
ATTACKERKB
added 2022/07/27 3:15 p.m.1 views

CVE-2022-36888

A missing permission check in Jenkins HashiCorp Vault Plugin 354.vdb858fd6bf48 and earlier allows attackers with Overall/Read permission to obtain credentials stored in Vault with attacker-specified path and keys...

6.5CVSS5.8AI score0.00605EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/07/27 3:15 p.m.3 views

CVE-2022-36883

A missing permission check in Jenkins Git Plugin 4.11.3 and earlier allows unauthenticated attackers to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit...

7.5CVSS5.8AI score0.05563EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/07/27 3:15 p.m.6 views

CVE-2022-36882

A cross-site request forgery CSRF vulnerability in Jenkins Git Plugin 4.11.3 and earlier allows attackers to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit...

8.8CVSS5.6AI score0.00583EPSS
Exploits0References3
Prion
Prion
added 2022/07/27 3:15 p.m.19 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified username and password...

4.3CVSS6.4AI score0.00479EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/07/27 2:29 p.m.27 views

CVE-2022-36921

A missing permission check in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.2AI score0.0073EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/07/27 2:27 p.m.27 views

CVE-2022-36911

A cross-site request forgery CSRF vulnerability in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers to connect to an attacker-specified URL...

7AI score0.00397EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/07/27 2:26 p.m.40 views

CVE-2022-36907

A missing permission check in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified username and password...

6.9AI score0.00668EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/07/27 2:20 p.m.23 views

CVE-2022-36882

A cross-site request forgery CSRF vulnerability in Jenkins Git Plugin 4.11.3 and earlier allows attackers to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit...

8.8AI score0.00583EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/07/27 12:0 a.m.4 views

Jenkins Openstack Heat Plugin 跨站请求伪造漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A cross-site request...

6.5CVSS6.4AI score0.00397EPSS
Exploits0References6
CNNVD
CNNVD
added 2022/07/27 12:0 a.m.29 views

Jenkins Openstack Heat Plugin 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins Plugin is a software application. A security vulnerability...

4.3CVSS5.2AI score0.00505EPSS
Exploits0References6
OSV
OSV
added 2022/06/30 6:15 p.m.4 views

CVE-2022-34792

A cross-site request forgery CSRF vulnerability in Jenkins Recipe Plugin 1.2 and earlier allows attackers to send an HTTP request to an attacker-specified URL and parse the response as XML...

8CVSS7.2AI score0.0047EPSS
Exploits0References1
OSV
OSV
added 2022/06/24 12:0 a.m.30 views

GHSA-RQ99-93C5-33F6 Cross-Site Request Forgery in Jenkins ThreadFix Plugin

A cross-site request forgery CSRF vulnerability in Jenkins ThreadFix Plugin 1.5.4 and earlier allows attackers to connect to an attacker-specified URL...

4.3CVSS6.6AI score0.00617EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/06/24 12:0 a.m.23 views

Cross-Site Request Forgery in Jenkins ThreadFix Plugin

A cross-site request forgery CSRF vulnerability in Jenkins ThreadFix Plugin 1.5.4 and earlier allows attackers to connect to an attacker-specified URL...

6.5CVSS6.9AI score0.00617EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2022/06/24 12:0 a.m.20 views

Cross-Site Request Forgery in Jenkins Jianliao Notification Plugin

A cross-site request forgery CSRF vulnerability in Jenkins Jianliao Notification Plugin 1.1 and earlier allows attackers to send HTTP POST requests to an attacker-specified URL...

6.5CVSS6.9AI score0.00468EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/06/24 12:0 a.m.34 views

GHSA-24H8-CPQM-QMF3 Cross-Site Request Forgery in Jenkins Convertigo Mobile Platform Plugin

A cross-site request forgery CSRF vulnerability in Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier allows attackers to connect to an attacker-specified URL...

4.3CVSS8.6AI score0.00503EPSS
Exploits0References3
OSV
OSV
added 2022/06/23 5:15 p.m.2 views

CVE-2022-34201

A missing permission check in Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL...

6.5CVSS6.4AI score0.0057EPSS
Exploits0References1
OSV
OSV
added 2022/06/23 5:15 p.m.4 views

CVE-2022-34203

A cross-site request forgery CSRF vulnerability in Jenkins EasyQA Plugin 1.0 and earlier allows attackers to connect to an attacker-specified HTTP server...

8.8CVSS5.7AI score
Exploits0References1
NVD
NVD
added 2022/06/23 5:15 p.m.15 views

CVE-2022-34201

A missing permission check in Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL...

6.5CVSS0.0057EPSS
Exploits0References1
OSV
OSV
added 2022/06/23 5:15 p.m.3 views

CVE-2022-34207

A cross-site request forgery CSRF vulnerability in Jenkins Beaker builder Plugin 1.10 and earlier allows attackers to connect to an attacker-specified URL...

6.5CVSS6.3AI score0.00468EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/06/23 5:15 p.m.2 views

CVE-2022-34204

A missing permission check in Jenkins EasyQA Plugin 1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server...

4.3CVSS6.3AI score0.00521EPSS
Exploits0References2
Rows per page
Query Builder