55 matches found
CVE-2018-1000105
An improper authorization vulnerability exists in Jenkins Gerrit Trigger Plugin 2.27.4 and earlier in GerritManagement.java, GerritServer.java, and PluginImpl.java that allows an attacker with Overall/Read access to retrieve some configuration information about Gerrit in Jenkins...
EUVD-2022-5632
Malicious code in bioql PyPI...
EUVD-2022-5387
Malicious code in bioql PyPI...
EUVD-2022-2436
Malicious code in bioql PyPI...
EUVD-2022-2449
Malicious code in bioql PyPI...
EUVD-2023-0422
Malicious code in bioql PyPI...
CVE-2023-24423
A cross-site request forgery CSRF vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit...
CVE-2019-16552
A missing permission check in Jenkins Gerrit Trigger Plugin 2.30.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials, or determine the existence of a file with a given path on the Jenkins maste...
Cross-site request forgery in Jenkins Gerrit Trigger Plugin
A cross-site request forgery CSRF vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit...
GHSA-95JQ-24CR-PGRQ Cross-site request forgery in Jenkins Gerrit Trigger Plugin
A cross-site request forgery CSRF vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit...
CVE-2023-24423
A cross-site request forgery CSRF vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit...
CVE-2023-24423
A cross-site request forgery CSRF vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit...
Cross site request forgery (csrf)
A cross-site request forgery CSRF vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit...
Jenkins Plugin Gerrit Trigger 跨站请求伪造漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
CVE-2023-24423
A cross-site request forgery CSRF vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit...
CVE-2023-24423
The CVE-2023-24423 vulnerability affects Jenkins Gerrit Trigger Plugin
PT-2023-19583 · Jenkins · Jenkins Gerrit Trigger Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Gerrit Trigger Plugin versions 2.38.0 and earlier Description: A cross-site request forgery CSRF issue allows attackers to rebuild previous builds triggered by Gerrit. This can be exploited to manipulate build processes...
Missing permission check in Jenkins Gerrit Trigger Plugin
A missing permission check in Jenkins Gerrit Trigger Plugin 2.30.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials, or determine the existence of a file with a given path on the Jenkins maste...
Cross-Site Request Forgery in Jenkins Gerrit Trigger Plugin
A cross-site request forgery vulnerability in Jenkins Gerrit Trigger Plugin 2.30.1 and earlier allows attackers to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials...
GHSA-VMVP-2HHX-RGM8 Cross-Site Request Forgery in Jenkins Gerrit Trigger Plugin
A cross-site request forgery vulnerability in Jenkins Gerrit Trigger Plugin 2.30.1 and earlier allows attackers to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials...