Lucene search
+L

8 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.10 views

EUVD-2022-2824

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.01296EPSS
Exploits0References4
redhatcve
redhatcve
added 2025/05/23 1:25 a.m.8 views

CVE-2022-25208

A missing permission check in Jenkins Chef Sinatra Plugin 1.20 and earlier allows attackers with Overall/Read permission to have Jenkins send an HTTP request to an attacker-controlled URL and have it parse an XML response...

8.8CVSS6.6AI score0.01097EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 12:4 a.m.9 views

CVE-2022-25207

A cross-site request forgery CSRF vulnerability in Jenkins Chef Sinatra Plugin 1.20 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-controlled URL and have it parse an XML response...

8.8CVSS6.8AI score0.00717EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 10:36 p.m.6 views

CVE-2022-25209

Jenkins Chef Sinatra Plugin 1.20 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

8.8CVSS6.7AI score0.01107EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 10:7 a.m.11 views

CVE-2019-1003086

A cross-site request forgery vulnerability in Jenkins Chef Sinatra Plugin in the ChefBuilderConfiguration.DescriptorImpldoTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server...

6.5CVSS6.6AI score0.01296EPSS
Exploits0References1
nvd
nvd
added 2022/02/15 5:15 p.m.37 views

CVE-2022-25209

Jenkins Chef Sinatra Plugin 1.20 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

8.8CVSS0.01107EPSS
Exploits0References1
attackerkb
attackerkb
added 2022/02/15 5:15 p.m.6 views

CVE-2022-25207

A cross-site request forgery CSRF vulnerability in Jenkins Chef Sinatra Plugin 1.20 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-controlled URL and have it parse an XML response...

8.8CVSS7.3AI score0.00717EPSS
Exploits0References3
cvelist
cvelist
added 2022/02/15 4:11 p.m.42 views

CVE-2022-25209

Jenkins Chef Sinatra Plugin 1.20 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

8.9AI score0.01107EPSS
Exploits0References1
Rows per page
Query Builder