CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

Tenable Nessus•added 2023/09/07 12:0 a.m.•57 views

Jenkins plugins Multiple Vulnerabilities (2023-09-06)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Jenkins Job Configuration History Plugin 1227.v7a79fc4dc01f and earlier does not restrict the 'name' query parameter when rendering a histo...

8.8CVSS6.7AI score0.06937EPSS

Exploits0References20

Prion•added 2023/09/06 1:15 p.m.•16 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers to clear the SQS queue...

4.3CVSS4.6AI score0.00056EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2023/09/06 12:9 p.m.•11 views

CVE-2023-41944

Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not escape the queue name parameter passed to a form validation URL, when rendering an error message, resulting in an HTML injection vulnerability...

6.7AI score0.002EPSS

Exploits0References2

Cvelist•added 2023/09/06 12:9 p.m.•18 views

CVE-2023-41942

A cross-site request forgery CSRF vulnerability in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers to clear the SQS queue...

5.3AI score0.00056EPSS

Exploits0References2

Vulnrichment•added 2023/09/06 12:9 p.m.•11 views

CVE-2023-41942

A cross-site request forgery CSRF vulnerability in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers to clear the SQS queue...

6.7AI score0.00056EPSS

Exploits0References2

Cvelist•added 2023/09/06 12:8 p.m.•16 views

CVE-2023-41941

A missing permission check in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of AWS credentials stored in Jenkins...

5.2AI score0.00088EPSS

Exploits0References2

Vulnrichment•added 2023/09/06 12:8 p.m.•15 views

CVE-2023-41941

6.4AI score0.00088EPSS

Exploits0References2

CNNVD•added 2023/09/06 12:0 a.m.•3 views

Jenkins Plugin AWS CodeCommit Trigger Security Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins Plugin is a software application. Jenkins Plugin AWS...

6.5CVSS6.7AI score0.00078EPSS

Exploits0References4

Tenable Nessus•added 2023/06/16 12:0 a.m.•48 views

Jenkins plugins Multiple Vulnerabilities (2023-06-14)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Jenkins Checkmarx Plugin 2022.4.3 and earlier disables SSL/TLS validation for connections to the Checkmarx server by default. CVE-2023-3514...

8.1CVSS6.2AI score0.15358EPSS

Exploits0References11

Vulnrichment•added 2023/06/14 12:53 p.m.•59 views

CVE-2023-35147

Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not restrict the AWS SQS queue name path parameter in an HTTP endpoint, allowing attackers with Item/Read permission to obtain the contents of arbitrary files on the Jenkins controller file system...

7AI score0.00562EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by