6 matches found
CVE-2020-2281
A cross-site request forgery CSRF vulnerability in Jenkins Lockable Resources Plugin 2.8 and earlier allows attackers to reserve, unreserve, unlock, and reset resources...
org.waveywaves.jenkins.plugins:tekton-client (=1.1.0) potentially affected by CVE-2020-2281 via org.6wind.jenkins:lockable-resources (=2.3)
org.6wind.jenkins:lockable-resources MAVEN version =2.3 is affected by a known vulnerability. The following packages have a transitive dependency on org.6wind.jenkins:lockable-resources and may be impacted: - org.waveywaves.jenkins.plugins:tekton-client =1.1.0 Source cves: CVE-2020-2281 Source...
CVE-2020-2281
A cross-site request forgery CSRF vulnerability in Jenkins Lockable Resources Plugin 2.8 and earlier allows attackers to reserve, unreserve, unlock, and reset resources...
CVE-2020-2281
A cross-site request forgery CSRF vulnerability in Jenkins Lockable Resources Plugin 2.8 and earlier allows attackers to reserve, unreserve, unlock, and reset resources...
CVE-2020-2281
A cross-site request forgery CSRF vulnerability in Jenkins Lockable Resources Plugin 2.8 and earlier allows attackers to reserve, unreserve, unlock, and reset resources...
CVE-2020-2281
The CVE-2020-2281 issue affects Jenkins Lockable Resources Plugin versions 2.8 and earlier. The root cause is CSRF due to endpoints not requiring POST, allowing attackers to reserve, unreserve, unlock, and reset resources. Impact is limited to the affected plugin’s resources as described in the s...