30 matches found
CVE-2022-28140
CVE-2022-28140 affects Jenkins Flaky Test Handler Plugin, version 1.2.1 and earlier. The root cause is that the plugin’s XML parser is not configured to prevent XML external entity (XXE) attacks. Per CNVD/GHSA, this XXE issue can enable an attacker to extract secrets from the Jenkins controller (...
Jenkins Flaky Test Handler Plugin 代码问题漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. jenkins Plugin is an application. jenkins Flaky Test Handler Plugin 1.2.1...
PT-2022-18839 · Jenkins · Jenkins Flaky Test Handler Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Flaky Test Handler Plugin versions 1.2.1 and earlier Description: The issue is related to the configuration of the XML parser, which does not prevent XML external entity XXE attacks. This allows for potential exploitation...
The vulnerability of the “Deflake this build” function in the Jenkins Flaky Test Handler Plugin allows a perpetrator to perform cross-site fraudulently.
The vulnerability of the “Deflake this build” function in the Jenkins Flaky Test Handler Plugin is related to the lack of protection against Cross-Site Request Forgery CSRF attacks. Exploiting this vulnerability allows a malicious actor to perform CSRF attacks remotely...
CloudBees Jenkins Flaky Test Handler Plugin Cross-Site Request Forgery Vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A cross-site request forgery...
CVE-2020-2237
A cross-site request forgery CSRF vulnerability in Jenkins Flaky Test Handler Plugin 1.0.4 and earlier allows attackers to rebuild a project at a previous git revision...
CVE-2020-2237
A cross-site request forgery CSRF vulnerability in Jenkins Flaky Test Handler Plugin 1.0.4 and earlier allows attackers to rebuild a project at a previous git revision...
Cross site request forgery (csrf)
A cross-site request forgery CSRF vulnerability in Jenkins Flaky Test Handler Plugin 1.0.4 and earlier allows attackers to rebuild a project at a previous git revision...
CVE-2020-2237
A cross-site request forgery CSRF vulnerability in Jenkins Flaky Test Handler Plugin 1.0.4 and earlier allows attackers to rebuild a project at a previous git revision...
CVE-2020-2237
The CVE-2020-2237 entry pertains to a CSRF vulnerability in Jenkins Flaky Test Handler Plugin (versions 1.0.4 and earlier). The flaw allows an attacker to trigger a rebuild of a project at a previous git revision via the plugin's Deflake this build feature due to insufficient request validation. ...