Lucene search
K

8 matches found

vulnersOsv
vulnersOsv
added 2022/05/24 4:50 p.m.4 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1574 more potentially affected by CVE-2019-10353 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.17)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2019-10353 Source advisory: OSV:GHSA-HCXF-RQ72-H4RR...

7.5CVSS7AI score0.01502EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/08/20 12:0 a.m.40 views

RHEL 7 : OpenShift Container Platform 3.11 jenkins (RHSA-2019:2503)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:2503 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

7.5CVSS6.4AI score0.10225EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2019/07/26 12:0 a.m.38 views

Jenkins < 2.176.2 LTS / 2.186 Multiple Vulnerabilities

The version of Jenkins running on the remote web server is prior to 2.186 or is a version of Jenkins LTS prior to 2.176.2. It is, therefore, affected by multiple vulnerabilities: - An arbitrary file write vulnerability exists due to an incomplete fix for SECURITY-1074, the improper validation of...

7.5CVSS6.4AI score0.10225EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2019/07/19 12:0 a.m.30 views

FreeBSD : jenkins -- multiple vulnerabilities (df3db21d-1a4d-4c78-acf7-4639e5a795e0)

Jenkins Security Advisory : DescriptionMedium SECURITY-1424 / CVE-2019-10352 Arbitrary file write vulnerability using file parameter definitions High SECURITY-626 / CVE-2019-10353 CSRF protection tokens did not expire Medium SECURITY-534 / CVE-2019-10354 Unauthorized view fragment access C Tenabl...

7.5CVSS6AI score0.10225EPSS
Exploits1References6
NVD
NVD
added 2019/07/17 4:15 p.m.18 views

CVE-2019-10353

CSRF tokens in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier did not expire, thereby allowing attackers able to obtain them to bypass CSRF protection...

7.5CVSS5.2AI score0.01502EPSS
Exploits0References5
OSV
OSV
added 2019/07/17 4:15 p.m.26 views

CVE-2019-10353

CSRF tokens in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier did not expire, thereby allowing attackers able to obtain them to bypass CSRF protection...

7.5CVSS6.5AI score
Exploits0References5
CVE
CVE
added 2019/07/17 3:45 p.m.116 views

CVE-2019-10353

CVE-2019-10353 affects Jenkins up to version 2.185 and earlier, and Jenkins LTS up to 2.176.1 and earlier. The root cause is CSRF tokens that did not expire, enabling attackers who obtain tokens to bypass CSRF protection. The related in-document entries (e.g., JENKINS_2_186 and GHSA-HCXF-RQ72-H4R...

7.5CVSS5AI score0.01502EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2019/07/17 3:45 p.m.31 views

CVE-2019-10353

CSRF tokens in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier did not expire, thereby allowing attackers able to obtain them to bypass CSRF protection...

4.8AI score0.01502EPSS
Exploits0References5
Rows per page
Query Builder