CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

6.1CVSS6.4AI score0.00061EPSS

CloudBees Jenkins ElectricFlow Plugin Cross-Site Scripting Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . ElectricFlow Plugin is used in one of the...

7.5CVSS7AI score0.00224EPSS

CloudBees Jenkins Token Macro Plugin XML External Entity Vulnerability

CNVD•added 2019/06/12 12:0 a.m.•3 views

CloudBees Jenkins JX Resources Plugin Trust Management Issue Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . JX Resources Plugin is used in one of the...

8.8CVSS6.8AI score0.00075EPSS

CNVD•added 2019/06/12 12:0 a.m.•1 views

CloudBees Jenkins ElectricFlow Plugin Authorization Issue Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . ElectricFlow Plugin is used in one of the...

4.3CVSS7AI score0.00123EPSS

4.3CVSS6.8AI score0.00207EPSS

CloudBees Jenkins ElectricFlow Plugin Cross-Site Request Forgery Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . ElectricFlow Plugin is used in one of the...

4.3CVSS6.1AI score0.00039EPSS

CloudBees Jenkins ElectricFlow Plugin Information Disclosure Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . ElectricFlow Plugin is used in one of the...

CNVD•added 2019/06/12 12:0 a.m.•3 views

CloudBees Jenkins ElectricFlow Plugin Trust Management Issue Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . ElectricFlow Plugin is used in one of the...

6.5CVSS6.9AI score0.00052EPSS

CNVD•added 2019/06/12 12:0 a.m.•1 views

CloudBees Jenkins JX Resources Plugin Cross-Site Request Forgery Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . JX Resources Plugin is used in one of the...

8.8CVSS6.8AI score0.00091EPSS

5.4CVSS6.4AI score0.00055EPSS

CloudBees Jenkins ElectricFlow Plugin Cross-Site Scripting Vulnerability (CNVD-2019-22636)

Positive Technologies•added 2019/06/11 12:0 a.m.•6 views

PT-2019-11731 · Jenkins +1 · Jenkins Electricflow Plugin +2

Name of the Vulnerable Software and Affected Versions: Jenkins ElectricFlow Plugin version 1.1.5 and earlier CloudBees CD Plugin affected versions not specified Description: A cross-site request forgery issue allows attackers to connect to a specified URL using specified credentials. This is due ...

4.3CVSS4.3AI score0.00207EPSS

Positive Technologies•added 2019/06/11 12:0 a.m.•2 views

PT-2019-11732 · Jenkins +1 · Jenkins Electricflow Plugin +2

Name of the Vulnerable Software and Affected Versions: Jenkins ElectricFlow Plugin version 1.1.5 and earlier CloudBees CD Plugin affected versions not specified Description: A missing permission check in the ConfigurationdoTestConnection method allowed users with Overall/Read access to connect to...

4.3CVSS4.3AI score0.00123EPSS

Positive Technologies•added 2019/06/11 12:0 a.m.•2 views

PT-2019-11736 · Jenkins +1 · Jenkins Electricflow Plugin +2

Name of the Vulnerable Software and Affected Versions: Jenkins ElectricFlow Plugin version 1.1.6 and earlier CloudBees CD Plugin affected versions not specified Description: A reflected cross-site scripting issue allows attackers to inject arbitrary HTML and JavaScript into job configuration form...

6.1CVSS5.9AI score0.00061EPSS

Positive Technologies•added 2019/06/11 12:0 a.m.•2 views

PT-2019-11733 · Jenkins +1 · Jenkins Electricflow Plugin +2

Name of the Vulnerable Software and Affected Versions: Jenkins ElectricFlow Plugin version 1.1.5 and earlier CloudBees CD Plugin affected versions not specified Description: The issue concerns missing permission checks in various HTTP endpoints of the Jenkins ElectricFlow Plugin and form validati...

4.3CVSS4.4AI score0.00039EPSS

Positive Technologies•added 2019/06/11 12:0 a.m.•2 views

PT-2019-11734 · Cloudbees +1 · Cloudbees Cd Plugin +2

Name of the Vulnerable Software and Affected Versions: Jenkins ElectricFlow Plugin version 1.1.5 and earlier CloudBees CD Plugin affected versions not specified Description: The issue concerns the disabling of SSL/TLS and hostname verification in Jenkins plugins. Specifically, the Jenkins...

6.5CVSS6.5AI score0.00052EPSS

CNVD•added 2019/06/10 12:0 a.m.•2 views

CloudBees Jenkins Artifactory Plugin Unauthorized Access Vulnerability (CNVD-2019-23826)

4.3CVSS6.9AI score0.00249EPSS

Exploits1References1

CNVD•added 2019/06/10 12:0 a.m.•1 views

CloudBees Jenkins Artifactory Plugin Cross-Site Request Forgery Vulnerability

4.3CVSS6.9AI score0.0012EPSS