Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:37 a.m.7 views

CVE-2023-28677

Jenkins Convert To Pipeline Plugin 1.0 and earlier uses basic string concatenation to convert Freestyle projects' Build Environment, Build Steps, and Post-build Actions to the equivalent Pipeline step invocations, allowing attackers able to configure Freestyle projects to prepare a crafted...

9.8CVSS6.7AI score0.00779EPSS
Exploits0References1
OSV
OSV
added 2023/04/02 9:30 p.m.23 views

GHSA-48G9-H7G5-8PW2 Jenkins Convert To Pipeline Plugin vulnerable to cross-site request forgery

Convert To Pipeline Plugin 1.0 and earlier does not require POST requests for the HTTP endpoint converting a Freestyle project to Pipeline, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to create a Pipeline based on a Freestyle project. Combined...

8.8CVSS9.2AI score0.0064EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/03/23 11:26 a.m.7 views

CVE-2023-28677

Jenkins Convert To Pipeline Plugin 1.0 and earlier uses basic string concatenation to convert Freestyle projects' Build Environment, Build Steps, and Post-build Actions to the equivalent Pipeline step invocations, allowing attackers able to configure Freestyle projects to prepare a crafted...

9.4AI score0.00779EPSS
Exploits0References1
CVE
CVE
added 2023/03/23 11:26 a.m.266 views

CVE-2023-28677

The CVE-2023-28677 entry concerns the Jenkins Convert To Pipeline Plugin (1.0 and earlier). The vulnerability arises from using basic string concatenation to convert Freestyle projects’ Build Environment, Build Steps, and Post-build Actions into Pipeline invocations, enabling an attacker who can ...

9.8CVSS9.2AI score0.00779EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/03/23 11:26 a.m.36 views

CVE-2023-28677

Jenkins Convert To Pipeline Plugin 1.0 and earlier uses basic string concatenation to convert Freestyle projects' Build Environment, Build Steps, and Post-build Actions to the equivalent Pipeline step invocations, allowing attackers able to configure Freestyle projects to prepare a crafted...

9.6AI score0.00779EPSS
Exploits0References1
Rows per page
Query Builder