CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

RedhatCVE•added 2025/05/23 4:10 a.m.•3 views

CVE-2023-39156

A cross-site request forgery CSRF vulnerability in Jenkins Bazaar Plugin 1.22 and earlier allows attackers to delete previously created Bazaar SCM tags...

5.3CVSS6.7AI score0.00066EPSS

Exploits0References1

Github Security Blog•added 2023/07/26 3:30 p.m.•21 views

CSRF vulnerability in Bazaar Plugin

Jenkins Bazaar Plugin 1.22 and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to delete previously created Bazaar SCM tags...

5.3CVSS5.4AI score0.00066EPSS

Exploits0References4Affected Software1

OSV•added 2023/07/26 2:15 p.m.•1 views

CVE-2023-39156

A cross-site request forgery CSRF vulnerability in Jenkins Bazaar Plugin 1.22 and earlier allows attackers to delete previously created Bazaar SCM tags...

5.3CVSS5.7AI score

Exploits0References2

NVD•added 2023/07/26 2:15 p.m.•8 views

CVE-2023-39156

A cross-site request forgery CSRF vulnerability in Jenkins Bazaar Plugin 1.22 and earlier allows attackers to delete previously created Bazaar SCM tags...

5.3CVSS5.9AI score0.00066EPSS

Exploits0References2

Prion•added 2023/07/26 2:15 p.m.•20 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins Bazaar Plugin 1.22 and earlier allows attackers to delete previously created Bazaar SCM tags...

5CVSS5.2AI score0.00066EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2023/07/26 1:54 p.m.•7 views

CVE-2023-39156

A cross-site request forgery CSRF vulnerability in Jenkins Bazaar Plugin 1.22 and earlier allows attackers to delete previously created Bazaar SCM tags...

6.7AI score0.00066EPSS

Exploits0References2

CVE•added 2023/07/26 1:54 p.m.•231 views

CVE-2023-39156

CVE-2023-39156 is a CSRF vulnerability in Jenkins Bazaar Plugin 1.22 and earlier. The issue arises because the plugin does not require POST requests on a specific HTTP endpoint, allowing an attacker to delete previously created Bazaar SCM tags. Impact is limited to the ability to delete tags; no ...

5.3CVSS5.2AI score0.00066EPSS

Exploits0References2Affected Software1

Cvelist•added 2023/07/26 1:54 p.m.•11 views

CVE-2023-39156

A cross-site request forgery CSRF vulnerability in Jenkins Bazaar Plugin 1.22 and earlier allows attackers to delete previously created Bazaar SCM tags...

5.8AI score0.00066EPSS

Exploits0References2

CNNVD•added 2023/07/26 12:0 a.m.•2 views

Jenkins Bazaar Plugin 跨站请求伪造漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

5.3CVSS5.7AI score0.00066EPSS

Exploits0References4

Positive Technologies•added 2023/07/26 12:0 a.m.•3 views

PT-2023-26813 · Jenkins · Jenkins Bazaar Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Bazaar Plugin versions 1.22 and earlier Description: A cross-site request forgery CSRF vulnerability allows attackers to delete previously created Bazaar SCM tags. This issue arises because the plugin does not require POST requests fo...

5.3CVSS5AI score0.00066EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by