Lucene search
K

6 matches found

Github Security Blog
Github Security Blog
added 2022/05/14 3:45 a.m.21 views

CSRF vulnerability in Jenkins Translation Assistance plugin

Jenkins Translation Assistance Plugin 1.15 and earlier did not require form submissions to be submitted via POST, resulting in a CSRF vulnerability allowing attackers to override localized strings displayed to all users on the current Jenkins instance if the victim is a Jenkins administrator...

8.8CVSS6.7AI score0.00832EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/13 1:48 a.m.17 views

Jenkins z/OS Connector Plugin allows local attacker to retrieve configured password

A exposure of sensitive information vulnerability exists in Jenkins z/OS Connector Plugin 1.2.6.1 and earlier in SCLMSCM.java that allows an attacker with local file system access or control of a Jenkins administrator's web browser e.g. malicious extension to retrieve the configured password. IBM...

7.2CVSS3.5AI score0.01012EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2019/03/08 9:29 p.m.14 views

CVE-2019-1003038

An insufficiently protected credentials vulnerability exists in Jenkins Repository Connector Plugin 1.2.4 and earlier in src/main/java/org/jvnet/hudson/plugins/repositoryconnector/ArtifactDeployer.java, src/main/java/org/jvnet/hudson/plugins/repositoryconnector/Repository.java,...

7.8CVSS6.5AI score
Exploits0References2
Cvelist
Cvelist
added 2019/03/08 9:0 p.m.22 views

CVE-2019-1003038

An insufficiently protected credentials vulnerability exists in Jenkins Repository Connector Plugin 1.2.4 and earlier in src/main/java/org/jvnet/hudson/plugins/repositoryconnector/ArtifactDeployer.java, src/main/java/org/jvnet/hudson/plugins/repositoryconnector/Repository.java,...

7.6AI score0.00393EPSS
Exploits0References2
NVD
NVD
added 2018/01/23 2:29 p.m.28 views

CVE-2018-1000014

Jenkins Translation Assistance Plugin 1.15 and earlier did not require form submissions to be submitted via POST, resulting in a CSRF vulnerability allowing attackers to override localized strings displayed to all users on the current Jenkins instance if the victim is a Jenkins administrator...

8.8CVSS8.6AI score0.00832EPSS
Exploits0References2
OSV
OSV
added 2018/01/23 2:29 p.m.8 views

CVE-2018-1000014

Jenkins Translation Assistance Plugin 1.15 and earlier did not require form submissions to be submitted via POST, resulting in a CSRF vulnerability allowing attackers to override localized strings displayed to all users on the current Jenkins instance if the victim is a Jenkins administrator...

8.8CVSS8.8AI score
Exploits0References2
Rows per page
Query Builder