Lucene search
K

24 matches found

Positive Technologies
Positive Technologies
added 2019/06/11 12:0 a.m.8 views

PT-2019-11731 · Jenkins +1 · Jenkins Electricflow Plugin +2

Name of the Vulnerable Software and Affected Versions: Jenkins ElectricFlow Plugin version 1.1.5 and earlier CloudBees CD Plugin affected versions not specified Description: A cross-site request forgery issue allows attackers to connect to a specified URL using specified credentials. This is due ...

4.3CVSS4.3AI score0.01058EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2019/06/11 12:0 a.m.5 views

PT-2019-11733 · Jenkins +1 · Jenkins Electricflow Plugin +2

Name of the Vulnerable Software and Affected Versions: Jenkins ElectricFlow Plugin version 1.1.5 and earlier CloudBees CD Plugin affected versions not specified Description: The issue concerns missing permission checks in various HTTP endpoints of the Jenkins ElectricFlow Plugin and form validati...

4.3CVSS4.4AI score0.01353EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2019/06/11 12:0 a.m.6 views

PT-2019-11734 · Cloudbees +1 · Cloudbees Cd Plugin +2

Name of the Vulnerable Software and Affected Versions: Jenkins ElectricFlow Plugin version 1.1.5 and earlier CloudBees CD Plugin affected versions not specified Description: The issue concerns the disabling of SSL/TLS and hostname verification in Jenkins plugins. Specifically, the Jenkins...

6.5CVSS6.5AI score0.01303EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2019/06/11 12:0 a.m.4 views

PT-2019-11732 · Jenkins +1 · Jenkins Electricflow Plugin +2

Name of the Vulnerable Software and Affected Versions: Jenkins ElectricFlow Plugin version 1.1.5 and earlier CloudBees CD Plugin affected versions not specified Description: A missing permission check in the ConfigurationdoTestConnection method allowed users with Overall/Read access to connect to...

4.3CVSS4.3AI score0.01829EPSS
Exploits0References8
Rows per page
Query Builder