9 matches found
EUVD-2023-1549
Malicious code in bioql PyPI...
EUVD-2023-1475
Malicious code in bioql PyPI...
EUVD-2023-1545
Malicious code in bioql PyPI...
EUVD-2023-1583
Malicious code in bioql PyPI...
EUVD-2023-1455
Malicious code in bioql PyPI...
CVE-2023-2195
A cross-site request forgery (CSRF) vulnerability in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers to connect to an attacker-specified URL...
CVE-2023-2195 CSRF vulnerability and missing permission checks in Code Dx Plugin
A cross-site request forgery (CSRF) vulnerability in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers to connect to an attacker-specified URL...
CVE-2023-2196 Missing permission checks in Code Dx Plugin
A missing permission check in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers with Item/Read permission to check for the existence of an attacker-specified file path on an agent file system...
PT-2023-20615 · Jenkins · Credentials Plugin +2
Name of the Vulnerable Software and Affected Versions: Jenkins Code Dx Plugin versions 3.1.0 and earlier. Description: The issue concerns the storage and display of Code Dx server API keys. In affected versions, these keys are stored unencrypted in job config.xml files on the Jenkins controller an...