Lucene search
+L

7 matches found

nessus
nessus
added 2024/04/28 12:0 a.m.41 views

RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2023:3198)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3198 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

9.9CVSS8.1AI score0.99931EPSS
Exploits54References48
nessus
nessus
added 2024/04/28 12:0 a.m.38 views

RHEL 8 : OpenShift Developer Tools and Services for OCP 4.12 (RHSA-2023:1064)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1064 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

9.9CVSS6.9AI score0.03571EPSS
Exploits4References33
nessus
nessus
added 2024/04/23 12:0 a.m.38 views

RHEL 8 : OpenShift Container Platform 4.9.56 (RHSA-2023:0777)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0777 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...

9.9CVSS8AI score0.99615EPSS
Exploits12References56
redhat
redhat
added 2023/03/06 9:1 a.m.115 views

Critical: Red Hat Security Advisory: OpenShift Developer Tools and Services for OCP 4.12 security update

An update for Jenkins and Jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.12. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.9CVSS6.7AI score0.03571EPSS
Exploits4References16
redhatcve
redhatcve
added 2022/10/20 7:17 a.m.32 views

CVE-2022-43408

A Cross-site request forgery CSRF vulnerability was found in a Jenkins plugin. This issue may allow an authenticated attacker to access Jenkins builds, bypassing CSRF protections...

6.5CVSS4.6AI score0.00443EPSS
Exploits0References4
vulnersosv
vulnersosv
added 2022/10/19 7:0 p.m.5 views

net.praqma:memory-map (>=2.2.0 <=2.2.1), org.jenkins-ci.plugins.workflow:workflow-aggregator (>=2.1 <=2.4) +5 more potentially affected by CVE-2022-43408 via org.jenkins-ci.plugins.pipeline-stage-view:pipeline-stage-view (>=1.3 <=2.10)

org.jenkins-ci.plugins.pipeline-stage-view:pipeline-stage-view MAVEN version =1.3, =2.2.0, =2.1, =2.0.5, =1.0.0, =1.0.0, =1.0.2 Source cves: CVE-2022-43408 Source advisory: OSV:GHSA-G975-F26H-93G8...

6.5CVSS6.5AI score0.00443EPSS
Exploits0
cve
cve
added 2022/10/19 12:0 a.m.137 views

CVE-2022-43408

CVE-2022-43408 affects Jenkins Pipeline: Stage View Plugin (versions 2.26 and earlier). The vulnerability arises because the plugin does not correctly encode the ID of input steps when generating URLs to proceed/abort builds, allowing configured Pipelines to specify input step IDs that bypass CSR...

6.5CVSS6.5AI score0.00443EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder