13 matches found
EUVD-2022-7191
Malicious code in bioql PyPI...
Cross-Site Request Forgery in Jenkins Cluster Statistics Plugin
A cross-site request forgery (CSRF) vulnerability in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics...
Jenkins Enterprise and Operations Center 2.346.x < 2.346.40.0.6 / 2.361.3.4 Multiple Vulnerabilities (CloudBees Security Advisory 2022-11-15)
The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.346.x prior to 2.346.40.0.6 or 2.x prior to 2.361.3.4. It is, therefore, affected by multiple vulnerabilities including the following: - CVE-2022-38751 on snakeyaml fixed train 2.346.x.0.z BEE-237...
CVE-2022-45398
A cross-site request forgery (CSRF) vulnerability in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics...
CVE-2022-45398
A cross-site request forgery (CSRF) vulnerability in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics...
CVE-2022-45399
A missing permission check in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics...
Cross-site request forgery (CSRF)
A cross-site request forgery (CSRF) vulnerability in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics...
CVE-2022-45399
CVE-2022-45399 : Jenkins Cluster Statistics Plugin up to version 0.4.6 contains a missing permission check on its HTTP endpoint, enabling attackers (with Overall/Read) to delete recorded Cluster Statistics. The description does not specify a patch version or mitigation, and no exploitation detail...
PT-2022-27501 · Jenkins · Jenkins Cluster Statistics Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Cluster Statistics Plugin versions 0.4.6 and earlier Description: A missing permission check in the Jenkins Cluster Statistics Plugin allows attackers to delete recorded Jenkins Cluster Statistics. This issue is related to an HTTP...
CVE-2022-45398
A cross-site request forgery (CSRF) vulnerability in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics...
CVE-2022-45399
A missing permission check in Jenkins Cluster Statistics Plugin 0.4.6 and earlier allows attackers to delete recorded Jenkins Cluster Statistics...
PT-2022-27500 · Jenkins · Jenkins Cluster Statistics Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Cluster Statistics Plugin versions 0.4.6 and earlier. Description: A cross-site request forgery (CSRF) issue allows attackers to delete recorded Jenkins Cluster Statistics. This can be exploited by attackers to manipulate the system...
CVE-2022-45398
Summary (CVE-2022-45398): A cross-site request forgery (CSRF) vulnerability in Jenkins Cluster Statistics Plugin