Lucene search
K

5 matches found

vulnersOsv
vulnersOsv
added 2022/05/13 1:36 a.m.7 views

com.cloudcoreo.plugins:cloudcoreo-deploytime (>=0.1.0 <=0.2.3), com.github.kostyasha.yet-another-docker:yet-another-docker-plugin (>=0.1.0 <=0.1.3) +7 more potentially affected by CVE-2017-2648 via org.jenkins-ci.plugins:ssh-slaves (>=1.10 <=1.13)

org.jenkins-ci.plugins:ssh-slaves MAVEN version =1.10, =0.1.0, =0.1.0, =1.2.8, =2.0.0, =1.3, =1.2.0, =2.9, =2.11, =2.8, =2.19 Source cves: CVE-2017-2648 Source advisory: OSV:GHSA-X654-4WJH-74Q6...

6.8CVSS6.6AI score0.01423EPSS
Exploits0
NVD
NVD
added 2018/07/27 8:29 p.m.14 views

CVE-2017-2648

It was found that jenkins-ssh-slaves-plugin before version 1.15 did not perform host key verification, thereby enabling Man-in-the-Middle attacks...

6.8CVSS6.7AI score0.01423EPSS
Exploits0References3
OSV
OSV
added 2018/07/27 8:29 p.m.11 views

CVE-2017-2648

It was found that jenkins-ssh-slaves-plugin before version 1.15 did not perform host key verification, thereby enabling Man-in-the-Middle attacks...

5.6CVSS6.9AI score0.01423EPSS
Exploits0References3
CVE
CVE
added 2018/07/27 8:0 p.m.46 views

CVE-2017-2648

The CVE-2017-2648 issue affects the Jenkins SSH Slaves Plugin; before version 1.15 it did not verify host keys, enabling Man-in-the-Middle attacks. Impact is network-based, with potential for interception of communications between the master and agents. The commonly cited remediation is to upgrad...

6.8CVSS5.5AI score0.01423EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2018/07/27 8:0 p.m.21 views

CVE-2017-2648

It was found that jenkins-ssh-slaves-plugin before version 1.15 did not perform host key verification, thereby enabling Man-in-the-Middle attacks...

6.8CVSS6.7AI score0.01423EPSS
Exploits0References3
Rows per page
Query Builder