21 matches found
EUVD-2022-7191
Malicious code in bioql PyPI...
EUVD-2022-7450
Malicious code in bioql PyPI...
CVE-2022-45399
A missing permission check in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics...
GHSA-24HP-84JP-8WGM Cross-Site Request Forgery in Jenkins Cluster Statistics Plugin
A cross-site request forgery CSRF vulnerability in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics...
Jenkins Cluster Statistics Plugin Missing Authorization vulnerability
Jenkins Cluster Statistics Plugin 0.4.6 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to delete recorded Jenkins Cluster Statistics. Additionally, this HTTP endpoint does not require POST requests, resulting in a cross-site...
Cross-Site Request Forgery in Jenkins Cluster Statistics Plugin
A cross-site request forgery CSRF vulnerability in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics...
Jenkins Enterprise and Operations Center 2.346.x < 2.346.40.0.6 / 2.361.3.4 Multiple Vulnerabilities (CloudBees Security Advisory 2022-11-15)
The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.346.x prior to 2.346.40.0.6 or 2.x prior to 2.361.3.4. It is, therefore, affected by multiple vulnerabilities including the following: - CVE-2022-38751 on snakeyaml fixed train 2.346.x.0.z BEE-237...
CVE-2022-45398
A cross-site request forgery CSRF vulnerability in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics...
CVE-2022-45399
A missing permission check in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics...
CVE-2022-45398
A cross-site request forgery CSRF vulnerability in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics...
CVE-2022-45399
A missing permission check in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics...
Cross site request forgery (csrf)
A cross-site request forgery CSRF vulnerability in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics...
CVE-2022-45399
CVE-2022-45399 : Jenkins Cluster Statistics Plugin up to version 0.4.6 contains a missing permission check on its HTTP endpoint, enabling attackers (with Overall/Read) to delete recorded Cluster Statistics. The description does not specify a patch version or mitigation, and no exploitation detail...
PT-2022-27501 · Jenkins · Jenkins Cluster Statistics Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Cluster Statistics Plugin versions 0.4.6 and earlier Description: A missing permission check in the Jenkins Cluster Statistics Plugin allows attackers to delete recorded Jenkins Cluster Statistics. This issue is related to an HTTP...
CVE-2022-45398
A cross-site request forgery CSRF vulnerability in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics...
CVE-2022-45399
A missing permission check in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics...
Jenkins Plugin Cluster Statistics 跨站请求伪造漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A cross-site request forge...
Jenkins Plugin Cluster Statistics 安全漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. Jenkins Plugin Cluster...
PT-2022-27500 · Jenkins · Jenkins Cluster Statistics Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Cluster Statistics Plugin versions 0.4.6 and earlier Description: A cross-site request forgery CSRF issue allows attackers to delete recorded Jenkins Cluster Statistics. This can be exploited by attackers to manipulate the system...
CVE-2022-45399
A missing permission check in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics...