6 matches found
EUVD-2022-6370
Malicious code in bioql PyPI...
CVE-2022-36916
A cross-site request forgery CSRF vulnerability in Jenkins Google Cloud Backup Plugin 0.6 and earlier allows attackers to request a manual backup...
Cross site request forgery (csrf)
A cross-site request forgery CSRF vulnerability in Jenkins Google Cloud Backup Plugin 0.6 and earlier allows attackers to request a manual backup...
CVE-2022-36917
CVE-2022-36917 affects Jenkins Google Cloud Backup Plugin 0.6 and earlier, where a missing permission check in an HTTP endpoint allows attackers with Overall/Read to request a manual backup. The issue can enable CSRF exposure due to non-POST endpoint usage and, per PT-security notes, may enable c...
CVE-2022-36916
A cross-site request forgery CSRF vulnerability in Jenkins Google Cloud Backup Plugin 0.6 and earlier allows attackers to request a manual backup...
CVE-2022-36916
CVE-2022-36916 is a CSRF vulnerability in Jenkins Google Cloud Backup Plugin versions 0.6 and earlier. The issue stems from a missing permission check in an HTTP endpoint, which also does not require POST requests, enabling an attacker to trigger a manual backup. The NVD entry assigns a high impa...