23 matches found
EUVD-2022-6898
Malicious code in bioql PyPI...
CVE-2022-41231
Jenkins Build-Publisher Plugin 1.22 and earlier allows attackers with Item/Configure permission to create or replace any config.xml file on the Jenkins controller file system by providing a crafted file name to an API endpoint...
CVE-2022-41232
A cross-site request forgery CSRF vulnerability in Jenkins Build-Publisher Plugin 1.22 and earlier allows attackers to replace any config.xml file on the Jenkins controller file system with an empty file by providing a crafted file name to an API endpoint...
CVE-2022-41230
Jenkins Build-Publisher Plugin 1.22 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to obtain names and URLs of Jenkins servers that the plugin is configured to publish builds to, as well as builds pending for publication to tho...
Design/Logic Flaw
Jenkins Build-Publisher Plugin 1.22 and earlier allows attackers with Item/Configure permission to create or replace any config.xml file on the Jenkins controller file system by providing a crafted file name to an API endpoint...
Code injection
Jenkins Build-Publisher Plugin 1.22 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to obtain names and URLs of Jenkins servers that the plugin is configured to publish builds to, as well as builds pending for publication to tho...
Cross site request forgery (csrf)
A cross-site request forgery CSRF vulnerability in Jenkins Build-Publisher Plugin 1.22 and earlier allows attackers to replace any config.xml file on the Jenkins controller file system with an empty file by providing a crafted file name to an API endpoint...
CVE-2022-41232
A cross-site request forgery CSRF vulnerability in Jenkins Build-Publisher Plugin 1.22 and earlier allows attackers to replace any config.xml file on the Jenkins controller file system with an empty file by providing a crafted file name to an API endpoint...
CVE-2022-41232
CVE-2022-41232 is a cross-site request forgery (CSRF) vulnerability in Jenkins Build-Publisher Plugin (versions 1.22 and earlier). The issue allows an attacker to replace any config.xml file on the Jenkins controller filesystem with an empty file by supplying a crafted file name to an API endpoin...
CVE-2022-41232
A cross-site request forgery CSRF vulnerability in Jenkins Build-Publisher Plugin 1.22 and earlier allows attackers to replace any config.xml file on the Jenkins controller file system with an empty file by providing a crafted file name to an API endpoint...
CVE-2022-41230
Jenkins Build-Publisher Plugin 1.22 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to obtain names and URLs of Jenkins servers that the plugin is configured to publish builds to, as well as builds pending for publication to tho...
CVE-2022-41231
Jenkins Build-Publisher Plugin 1.22 and earlier allows attackers with Item/Configure permission to create or replace any config.xml file on the Jenkins controller file system by providing a crafted file name to an API endpoint...
CVE-2022-41231
CVE-2022-41231 : Jenkins Build-Publisher Plugin
CVE-2022-41230
CVE-2022-41230 affects Jenkins Build-Publisher Plugin 1.22 and earlier. The root cause is a missing permission check in an HTTP endpoint, enabling attackers with Overall/Read permission to enumerate sensitive data: names and URLs of Jenkins servers configured for publishing, plus builds pending f...
Jenkins Build-Publisher Plugin 路径遍历漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A path traversal...
PT-2022-25748 · Jenkins · Jenkins Build-Publisher Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Build-Publisher Plugin versions 1.22 and earlier Description: A cross-site request forgery CSRF vulnerability allows attackers to replace any config.xml file on the Jenkins controller file system with an empty file by providing a...
Jenkins Build-Publisher Plugin 跨站请求伪造漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A cross-site request...
Jenkins Build-Publisher Plugin 安全漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
PT-2022-25746 · Jenkins · Jenkins Build-Publisher Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Build-Publisher Plugin versions 1.22 and earlier Description: The issue is related to a missing permission check in an HTTP endpoint, which allows attackers with Overall/Read permission to obtain the names and URLs of Jenkins servers...
PT-2022-25747 · Jenkins · Jenkins Build-Publisher Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Build-Publisher Plugin versions 1.22 and earlier Description: The issue allows attackers with Item/Configure permission to create or replace any config.xml file on the Jenkins controller file system by providing a crafted file name to...