17 matches found
EUVD-2022-2702
Malicious code in bioql PyPI...
CVE-2018-1999037
A data modification vulnerability exists in Jenkins Resource Disposer Plugin 0.11 and earlier in AsyncResourceDisposer.java that allows attackers to stop tracking a resource...
org.jenkins-ci.plugins.nodesharing:foreman-node-sharing (>=1.2.8 <=1.2.9), org.jenkins-ci.plugins:foreman-node-sharing (>=1.2.0 <=1.2.3) potentially affected by CVE-2018-1999037 via org.jenkins-ci.plugins:resource-disposer (=0.1)
org.jenkins-ci.plugins:resource-disposer MAVEN version =0.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:resource-disposer and may be impacted: - org.jenkins-ci.plugins.nodesharing:foreman-node-sharing =1.2.8, =1.2.0, =1.2.3...
Jenkins Resource Disposer Plugin allows attacker to stop tracking specified resource
A data modification vulnerability exists in Jenkins Resource Disposer Plugin 0.11 and earlier in AsyncResourceDisposer.java that allows attackers to stop tracking a specified resource. Additionally, this API endpoint did not require POST requests, resulting in a CSRF vulnerability. As of version...
GHSA-63JG-5WV6-7GHV Jenkins Resource Disposer Plugin allows attacker to stop tracking specified resource
A data modification vulnerability exists in Jenkins Resource Disposer Plugin 0.11 and earlier in AsyncResourceDisposer.java that allows attackers to stop tracking a specified resource. Additionally, this API endpoint did not require POST requests, resulting in a CSRF vulnerability. As of version...
CloudBees Jenkins Resource Disposer Plugin Cross-Site Request Forgery Vulnerability
CloudBees Jenkins is the United States CloudBees company's set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . Resource Disposer Plugin is used in...
Design/Logic Flaw
A data modification vulnerability exists in Jenkins Resource Disposer Plugin 0.11 and earlier in AsyncResourceDisposer.java that allows attackers to stop tracking a resource...
CVE-2018-1999037
A data modification vulnerability exists in Jenkins Resource Disposer Plugin 0.11 and earlier in AsyncResourceDisposer.java that allows attackers to stop tracking a resource...
CVE-2018-1999037
A data modification vulnerability exists in Jenkins Resource Disposer Plugin 0.11 and earlier in AsyncResourceDisposer.java that allows attackers to stop tracking a resource...
CVE-2018-1999037
A data modification vulnerability exists in Jenkins Resource Disposer Plugin 0.11 and earlier in AsyncResourceDisposer.java that allows attackers to stop tracking a resource...
CVE-2018-1999037
CVE-2018-1999037 affects Jenkins Resource Disposer Plugin up to version 0.11. The vulnerability is in AsyncResourceDisposer.java and allows an attacker to stop tracking a resource (data modification). Related advisories confirm an additional CSRF weakness in the API endpoint prior to version 0.12...
OpenJDK: Java2d Disposer security bypass (2D, 8017287)
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability tha...
OpenJDK: Java2d Disposer security bypass (2D, 8017287)
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability tha...
OpenJDK: Java2d Disposer security bypass (2D, 8017287)
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability tha...
OpenJDK: Java2d Disposer security bypass (2D, 8017287)
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability tha...
OpenJDK: Java2d Disposer security bypass (2D, 8017287)
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability tha...
OpenJDK: Java2d Disposer security bypass (2D, 8017287)
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability tha...