Lucene search
K

13 matches found

RedhatCVE
RedhatCVE
added 2026/05/04 9:9 a.m.9 views

CVE-2026-42519

A flaw was found in Jenkins Script Security Plugin. An attacker with Overall/Read permission can exploit a missing permission check to enumerate pending and approved Script Security classpaths. This information disclosure vulnerability allows unauthorized access to sensitive configuration details...

6.5CVSS5.6AI score0.00174EPSS
Exploits0References4
OSV
OSV
added 2026/04/29 3:30 p.m.6 views

GHSA-P334-GFHQ-C7W6 Jenkins Script Security Plugin: Missing permission checks allow enumeration of pending and approved classpaths

Jenkins Script Security Plugin versions 1399.ve6a66547f6e1 and earlier do not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to enumerate pending and approved Script Security classpaths. Script Security Plugin 1402.v94c9ce464861 requires...

4.3CVSS5.8AI score0.00174EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/04/29 3:30 p.m.23 views

Jenkins Script Security Plugin: Missing permission checks allow enumeration of pending and approved classpaths

Jenkins Script Security Plugin versions 1399.ve6a66547f6e1 and earlier do not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to enumerate pending and approved Script Security classpaths. Script Security Plugin 1402.v94c9ce464861 requires...

4.3CVSS5.8AI score0.00174EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/04/29 2:16 p.m.71 views

CVE-2026-42519

A missing permission check in Jenkins Script Security Plugin 1399.ve6a66547f6e1 and earlier allows attackers with Overall/Read permission to enumerate pending and approved Script Security classpaths...

4.3CVSS0.00174EPSS
Exploits0References1
OSV
OSV
added 2026/04/29 2:16 p.m.1 views

CVE-2026-42519

A missing permission check in Jenkins Script Security Plugin 1399.ve6a66547f6e1 and earlier allows attackers with Overall/Read permission to enumerate pending and approved Script Security classpaths...

4.3CVSS6AI score
Exploits0References1
Cvelist
Cvelist
added 2026/04/29 1:31 p.m.92 views

CVE-2026-42519

A missing permission check in Jenkins Script Security Plugin 1399.ve6a66547f6e1 and earlier allows attackers with Overall/Read permission to enumerate pending and approved Script Security classpaths...

0.00174EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/29 1:31 p.m.5 views

CVE-2026-42519

A missing permission check in Jenkins Script Security Plugin 1399.ve6a66547f6e1 and earlier allows attackers with Overall/Read permission to enumerate pending and approved Script Security classpaths...

4.3CVSS5.2AI score0.00174EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/29 1:31 p.m.39 views

EUVD-2026-26220

A missing permission check in Jenkins Script Security Plugin 1399.ve6a66547f6e1 and earlier allows attackers with Overall/Read permission to enumerate pending and approved Script Security classpaths...

4.3CVSS5.2AI score0.00174EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/29 1:31 p.m.5 views

CVE-2026-42519

A missing permission check in Jenkins Script Security Plugin 1399.ve6a66547f6e1 and earlier allows attackers with Overall/Read permission to enumerate pending and approved Script Security classpaths...

5.2AI score0.00174EPSS
Exploits0References1
CVE
CVE
added 2026/04/29 1:31 p.m.50 views

CVE-2026-42519

The provided documents describe CVE-2026-42519 as a vulnerability in the Jenkins Script Security Plugin (version 1399.ve6a_66547f6e1 and earlier). The root cause is a missing permission check that permits users with Overall/Read permission to enumerate pending and approved Script Security classpa...

4.3CVSS5.2AI score0.00174EPSS
Exploits0References1Affected Software1
AlpineLinux
AlpineLinux
added 2026/04/29 1:31 p.m.7 views

CVE-2026-42519

A missing permission check in Jenkins Script Security Plugin 1399.ve6a66547f6e1 and earlier allows attackers with Overall/Read permission to enumerate pending and approved Script Security classpaths...

4.3CVSS5.8AI score0.00174EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/29 12:0 a.m.8 views

PT-2026-35913

A missing permission check in Jenkins Script Security Plugin 1399.ve6a 66547f6e1 and earlier allows attackers with Overall/Read permission to enumerate pending and approved Script Security classpaths...

4.3CVSS5.2AI score0.00174EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2011/05/23 12:0 a.m.29 views

Apache Struts Security Update (S2-006) - Active Check

Apache Struts is prone to multiple vulnerabilities. Copyright C 2011 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5CVSS6.5AI score0.33111EPSS
Exploits3References3
Rows per page
Query Builder