Lucene search
K

7 matches found

vulnersOsv
vulnersOsv
added 2022/05/13 1:1 a.m.4 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1572 more potentially affected by CVE-2018-1999007 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.12)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2018-1999007 Source advisory: OSV:GHSA-6456-XJM5-G3PG...

5.4CVSS6.1AI score0.00894EPSS
Exploits0
OpenVAS
OpenVAS
added 2018/07/24 12:0 a.m.106 views

Jenkins < 2.133 and < 2.121.2 LTS Multiple Vulnerabilities - Windows

Jenkins is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS5.4AI score0.86641EPSS
Exploits8References1
OpenVAS
OpenVAS
added 2018/07/24 12:0 a.m.139 views

Jenkins < 2.133 and < 2.121.2 LTS Multiple Vulnerabilities - Linux

Jenkins is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS5.4AI score0.86641EPSS
Exploits8References1
OSV
OSV
added 2018/07/23 7:29 p.m.24 views

CVE-2018-1999007

A cross-site scripting vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in the Stapler web framework's org/kohsuke/stapler/Stapler.java that allows attackers with the ability to control the existence of some URLs in Jenkins to define JavaScript that would be executed in...

5.4CVSS5.7AI score
Exploits0References2
Cvelist
Cvelist
added 2018/07/23 7:0 p.m.29 views

CVE-2018-1999007

A cross-site scripting vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in the Stapler web framework's org/kohsuke/stapler/Stapler.java that allows attackers with the ability to control the existence of some URLs in Jenkins to define JavaScript that would be executed in...

6.4AI score0.00894EPSS
Exploits0References2
CVE
CVE
added 2018/07/23 7:0 p.m.118 views

CVE-2018-1999007

CVE-2018-1999007 is a cross-site scripting vulnerability in Jenkins up to version 2.132 (and 2.121.1 and earlier for some components) involving the Stapler web framework. When Stapler debug mode is enabled, error/404 pages could display unescaped URL parts, allowing an attacker who can influence ...

5.4CVSS6.2AI score0.00894EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/07/20 12:0 a.m.86 views

FreeBSD : jenkins -- multiple vulnerabilities (20a1881e-8a9e-11e8-bddf-d017c2ca229d)

Jenkins Security Advisory : DescriptionHigh SECURITY-897 / CVE-2018-1999001 Users without Overall/Read permission can have Jenkins reset parts of global configuration on the next restart High SECURITY-914 / CVE-2018-1999002 Arbitrary file read vulnerability Medium SECURITY-891 / CVE-2018-1999003...

8.8CVSS5.5AI score0.86641EPSS
Exploits8References9
Rows per page
Query Builder