Lucene search
K

30 matches found

CVE
CVE
added 2022/03/29 12:30 p.m.121 views

CVE-2022-28140

CVE-2022-28140 affects Jenkins Flaky Test Handler Plugin, version 1.2.1 and earlier. The root cause is that the plugin’s XML parser is not configured to prevent XML external entity (XXE) attacks. Per CNVD/GHSA, this XXE issue can enable an attacker to extract secrets from the Jenkins controller (...

8.1CVSS7.9AI score0.00972EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2022/03/29 12:0 a.m.3 views

Jenkins Flaky Test Handler Plugin 代码问题漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. jenkins Plugin is an application. jenkins Flaky Test Handler Plugin 1.2.1...

8.1CVSS5.7AI score0.00972EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2022/03/29 12:0 a.m.4 views

PT-2022-18839 · Jenkins · Jenkins Flaky Test Handler Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Flaky Test Handler Plugin versions 1.2.1 and earlier Description: The issue is related to the configuration of the XML parser, which does not prevent XML external entity XXE attacks. This allows for potential exploitation...

8.1CVSS7.7AI score0.00972EPSS
Exploits0References9
BDU FSTEC
BDU FSTEC
added 2021/04/01 12:0 a.m.6 views

The vulnerability of the “Deflake this build” function in the Jenkins Flaky Test Handler Plugin allows a perpetrator to perform cross-site fraudulently.

The vulnerability of the “Deflake this build” function in the Jenkins Flaky Test Handler Plugin is related to the lack of protection against Cross-Site Request Forgery CSRF attacks. Exploiting this vulnerability allows a malicious actor to perform CSRF attacks remotely...

5CVSS5.5AI score0.00679EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2020/08/14 12:0 a.m.3 views

CloudBees Jenkins Flaky Test Handler Plugin Cross-Site Request Forgery Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A cross-site request forgery...

4.3CVSS6.9AI score0.00679EPSS
Exploits0References1
OSV
OSV
added 2020/08/12 2:15 p.m.14 views

CVE-2020-2237

A cross-site request forgery CSRF vulnerability in Jenkins Flaky Test Handler Plugin 1.0.4 and earlier allows attackers to rebuild a project at a previous git revision...

4.3CVSS6.7AI score
Exploits0References2
NVD
NVD
added 2020/08/12 2:15 p.m.20 views

CVE-2020-2237

A cross-site request forgery CSRF vulnerability in Jenkins Flaky Test Handler Plugin 1.0.4 and earlier allows attackers to rebuild a project at a previous git revision...

4.3CVSS4.6AI score0.00679EPSS
Exploits0References2
Prion
Prion
added 2020/08/12 2:15 p.m.18 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins Flaky Test Handler Plugin 1.0.4 and earlier allows attackers to rebuild a project at a previous git revision...

4.3CVSS4.6AI score0.00679EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/08/12 1:25 p.m.20 views

CVE-2020-2237

A cross-site request forgery CSRF vulnerability in Jenkins Flaky Test Handler Plugin 1.0.4 and earlier allows attackers to rebuild a project at a previous git revision...

4.5AI score0.00679EPSS
Exploits0References2
CVE
CVE
added 2020/08/12 1:25 p.m.72 views

CVE-2020-2237

The CVE-2020-2237 entry pertains to a CSRF vulnerability in Jenkins Flaky Test Handler Plugin (versions 1.0.4 and earlier). The flaw allows an attacker to trigger a rebuild of a project at a previous git revision via the plugin's Deflake this build feature due to insufficient request validation. ...

4.3CVSS4.5AI score0.00679EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder