8 matches found
EUVD-2022-4343
Malicious code in bioql PyPI...
EUVD-2022-4167
Malicious code in bioql PyPI...
CVE-2020-2240
A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to execute arbitrary SQL scripts...
CVE-2020-2241
A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to connect to an attacker-specified database server using attacker-specified credentials...
SUSE CVE-2020-2241
A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to connect to an attacker-specified database server using attacker-specified credentials...
GHSA-HJ36-V72X-CC6J Missing permission checks in Jenkins Database Plugin
A missing permission check in Jenkins database Plugin 1.6 and earlier allows attackers with Overall/Read access to Jenkins to connect to an attacker-specified database server using attacker-specified credentials. Database Plugin 1.7 requires Overall/Administer permission for the affected form...
CVE-2020-2241
A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to connect to an attacker-specified database server using attacker-specified credentials...
CVE-2020-2240
CVE-2020-2240 pertains to Jenkins Database Plugin (versions ≤ 1.6). The issue is a CSRF vulnerability arising from a lack of proper origin validation, enabling an attacker to trigger unintended requests and execute arbitrary SQL scripts against the plugin’s database. Several sources (Red Hat, CNV...