14 matches found
EUVD-2022-5564
Malicious code in bioql PyPI...
CSRF vulnerability in Jenkins Maven Cascade Release Plugin
A cross-site request forgery CSRF vulnerability in Jenkins Maven Cascade Release Plugin 1.3.2 and earlier allows attackers to start cascade builds and layout builds, and reconfigure the plugin...
GHSA-WFPW-HQJG-58PH CSRF vulnerability in Jenkins Maven Cascade Release Plugin
A cross-site request forgery CSRF vulnerability in Jenkins Maven Cascade Release Plugin 1.3.2 and earlier allows attackers to start cascade builds and layout builds, and reconfigure the plugin...
Missing permission checks in Jenkins Maven Cascade Release Plugin
Jenkins Maven Cascade Release Plugin 1.3.2 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to start cascade builds and layout builds, and reconfigure the plugin...
CVE-2020-2295
A cross-site request forgery CSRF vulnerability in Jenkins Maven Cascade Release Plugin 1.3.2 and earlier allows attackers to start cascade builds and layout builds, and reconfigure the plugin...
CVE-2020-2294
Jenkins Maven Cascade Release Plugin 1.3.2 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to start cascade builds and layout builds, and reconfigure the plugin...
CVE-2020-2295
A cross-site request forgery CSRF vulnerability in Jenkins Maven Cascade Release Plugin 1.3.2 and earlier allows attackers to start cascade builds and layout builds, and reconfigure the plugin...
CVE-2020-2294
Jenkins Maven Cascade Release Plugin 1.3.2 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to start cascade builds and layout builds, and reconfigure the plugin...
Design/Logic Flaw
Jenkins Maven Cascade Release Plugin 1.3.2 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to start cascade builds and layout builds, and reconfigure the plugin...
Cross site request forgery (csrf)
A cross-site request forgery CSRF vulnerability in Jenkins Maven Cascade Release Plugin 1.3.2 and earlier allows attackers to start cascade builds and layout builds, and reconfigure the plugin...
CVE-2020-2295
A CSRF vulnerability affects Jenkins Maven Cascade Release Plugin 1.3.2 and earlier, allowing an attacker to start cascade/layout builds and reconfigure the plugin. Root cause: missing CSRF protection in the plugin’s request handling. Impact: unauthorized build actions and plugin reconfiguration....
CVE-2020-2295
A cross-site request forgery CSRF vulnerability in Jenkins Maven Cascade Release Plugin 1.3.2 and earlier allows attackers to start cascade builds and layout builds, and reconfigure the plugin...
CVE-2020-2294
CVE-2020-2294 affects Jenkins Maven Cascade Release Plugin (versions 1.3.2 and earlier). The root cause is missing permission checks on several HTTP endpoints, enabling users with Overall/Read to start cascade builds, layout builds, and reconfigure the plugin. Reported impact per sources includes...
CVE-2020-2294
Jenkins Maven Cascade Release Plugin 1.3.2 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to start cascade builds and layout builds, and reconfigure the plugin...