Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:16 p.m.9 views

CVE-2018-1000188

A server-side request forgery vulnerability exists in Jenkins CAS Plugin 1.4.1 and older in CasSecurityRealm.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL...

5.5CVSS6.6AI score0.00608EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-2055

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.01584EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-1559

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00794EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 3:51 a.m.11 views

CVE-2023-32997

Jenkins CAS Plugin 1.6.2 and earlier does not invalidate the previous session on login...

8.8CVSS6.8AI score0.00794EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:11 p.m.7 views

CVE-2021-21673

Jenkins CAS Plugin 1.6.0 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks...

6.1CVSS6.7AI score0.01584EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/05/16 4:0 p.m.9 views

CVE-2023-32997

Jenkins CAS Plugin 1.6.2 and earlier does not invalidate the previous session on login...

8.7AI score0.00794EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/05/16 12:0 a.m.5 views

PT-2023-24128 · Jenkins · Jenkins Cas Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins CAS Plugin versions 1.6.2 and earlier Description: The issue allows attackers to use social engineering techniques to gain administrator access to Jenkins because the previous session is not invalidated on login. Recommendations: For...

8.8CVSS8.7AI score0.00794EPSS
Exploits0References7
CNVD
CNVD
added 2021/07/01 12:0 a.m.5 views

Jenkins CAS Plugin Input Validation Error Vulnerability

Jenkins is a Jenkins open source application . An open source automation server Jenkins provides hundreds of plug-ins to support building, deploying and automating any project . An input validation error vulnerability exists in Jenkins CAS Plugin 1.6.0 and earlier versions, which stems from Jenki...

6.1CVSS6.4AI score0.01584EPSS
Exploits0References1
NVD
NVD
added 2021/06/30 5:15 p.m.23 views

CVE-2021-21673

Jenkins CAS Plugin 1.6.0 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks...

6.1CVSS0.01584EPSS
Exploits0References2
Rows per page
Query Builder