Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2023/06/16 12:0 a.m.49 views

Jenkins plugins Multiple Vulnerabilities (2023-06-14)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Jenkins Checkmarx Plugin 2022.4.3 and earlier disables SSL/TLS validation for connections to the Checkmarx server by default. CVE-2023-3514...

8.1CVSS6.2AI score0.0083EPSS
Exploits0References11
OSV
OSV
added 2023/06/14 1:15 p.m.5 views

CVE-2023-35147

Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not restrict the AWS SQS queue name path parameter in an HTTP endpoint, allowing attackers with Item/Read permission to obtain the contents of arbitrary files on the Jenkins controller file system...

6.5CVSS5.9AI score0.0063EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/06/14 12:53 p.m.62 views

CVE-2023-35147

Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not restrict the AWS SQS queue name path parameter in an HTTP endpoint, allowing attackers with Item/Read permission to obtain the contents of arbitrary files on the Jenkins controller file system...

7AI score0.0063EPSS
Exploits0References2
CVE
CVE
added 2023/06/14 12:53 p.m.79 views

CVE-2023-35147

CVE-2023-35147 affects the Jenkins AWS CodeCommit Trigger Plugin, v3.0.12 and earlier. The issue arises because the HTTP endpoint does not restrict the AWS SQS queue name path parameter, enabling attackers with Item/Read permission to obtain contents of arbitrary files on the Jenkins controller f...

6.5CVSS6.2AI score0.0063EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder