Lucene search
+L

9 matches found

nessus
nessus
added 2024/04/28 12:0 a.m.38 views

RHEL 8 : OpenShift Developer Tools and Services for OCP 4.12 (RHSA-2023:1064)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1064 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

9.9CVSS6.9AI score0.03571EPSS
Exploits4References33
nessus
nessus
added 2024/04/28 12:0 a.m.41 views

RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2023:3198)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3198 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

9.9CVSS8.1AI score0.99931EPSS
Exploits54References48
nessus
nessus
added 2024/04/23 12:0 a.m.38 views

RHEL 8 : OpenShift Container Platform 4.9.56 (RHSA-2023:0777)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0777 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...

9.9CVSS8AI score0.99615EPSS
Exploits12References56
redhat
redhat
added 2023/03/06 9:1 a.m.115 views

Critical: Red Hat Security Advisory: OpenShift Developer Tools and Services for OCP 4.12 security update

An update for Jenkins and Jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.12. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.9CVSS6.7AI score0.03571EPSS
Exploits4References16
redhatcve
redhatcve
added 2022/10/20 7:17 a.m.40 views

CVE-2022-43407

A cross-site request forgery CSRF vulnerability was found in a Jenkins plugin. This issue may allow an unauthenticated attacker to access Jenkins builds, bypassing CSRF protections. This could compromise the integrity, availability, and confidentiality of Jenkins...

8.8CVSS5.2AI score0.00493EPSS
Exploits0References4
vulnersosv
vulnersosv
added 2022/10/19 7:0 p.m.5 views

com.splunk.splunkins:splunk-devops-extend (>=1.0 <=1.7.0), com.testinium.jenkins:testinium (=1.0) +27 more potentially affected by CVE-2022-43407 via org.jenkins-ci.plugins:pipeline-input-step (>=2.0 <=2.8)

org.jenkins-ci.plugins:pipeline-input-step MAVEN version =2.0, =1.0, =0.0.15, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =0.1-preview-4, =2.2.0, =1.8-beta-1, =1.8-beta-1, =2.0, =2.5 and more Source cves: CVE-2022-43407 Source advisory: OSV:GHSA-G66M-FQXF-3W35...

8.8CVSS7.2AI score0.00493EPSS
Exploits0
nvd
nvd
added 2022/10/19 4:15 p.m.20 views

CVE-2022-43407

Jenkins Pipeline: Input Step Plugin 451.vf1aa4f405289 and earlier does not restrict or sanitize the optionally specified ID of the 'input' step, which is used for the URLs that process user interactions for the given 'input' step proceed or abort and is not correctly encoded, allowing attackers...

8.8CVSS0.00493EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2022/10/19 12:0 a.m.7 views

CVE-2022-43407

Jenkins Pipeline: Input Step Plugin 451.vf1aa4f405289 and earlier does not restrict or sanitize the optionally specified ID of the 'input' step, which is used for the URLs that process user interactions for the given 'input' step proceed or abort and is not correctly encoded, allowing attackers...

7.1AI score0.00493EPSS
Exploits0References2
cve
cve
added 2022/10/19 12:0 a.m.141 views

CVE-2022-43407

CVE-2022-43407 affects Jenkins Pipeline: Input Step Plugin (versions up to 451.vf1a_a_4f405289 and earlier). The vulnerability arises because the plugin does not restrict or sanitize the optional ID used in the input step, which is used to construct URLs for user interactions (proceed/abort). Thi...

8.8CVSS8.5AI score0.00493EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder