Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-6761

Malicious code in bioql PyPI...

9.8CVSS9AI score0.00879EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-6974

Malicious code in bioql PyPI...

9.8CVSS9AI score0.0136EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 1:14 a.m.7 views

CVE-2022-41238

A missing permission check in Jenkins DotCi Plugin 2.40.00 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to the attacker-specified repository for attacker-specified commits...

9.8CVSS6.8AI score0.00879EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:42 p.m.4 views

CVE-2022-41239

Jenkins DotCi Plugin 2.40.00 and earlier does not escape the GitHub user name parameter provided to commit notifications when displaying them in a build cause, resulting in a stored cross-site scripting XSS vulnerability...

5.4CVSS5AI score0.00587EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:42 p.m.11 views

CVE-2022-41237

Jenkins DotCi Plugin 2.40.00 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability...

9.8CVSS7.7AI score0.0136EPSS
Exploits0References1
NVD
NVD
added 2022/09/21 4:15 p.m.30 views

CVE-2022-41238

A missing permission check in Jenkins DotCi Plugin 2.40.00 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to the attacker-specified repository for attacker-specified commits...

9.8CVSS0.00879EPSS
Exploits0References1
NVD
NVD
added 2022/09/21 4:15 p.m.17 views

CVE-2022-41237

Jenkins DotCi Plugin 2.40.00 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability...

9.8CVSS0.0136EPSS
Exploits0References1
Prion
Prion
added 2022/09/21 4:15 p.m.21 views

Cross site scripting

Jenkins DotCi Plugin 2.40.00 and earlier does not escape the GitHub user name parameter provided to commit notifications when displaying them in a build cause, resulting in a stored cross-site scripting XSS vulnerability...

4.9CVSS5.2AI score0.00587EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/09/21 3:45 p.m.6 views

CVE-2022-41239

Jenkins DotCi Plugin 2.40.00 and earlier does not escape the GitHub user name parameter provided to commit notifications when displaying them in a build cause, resulting in a stored cross-site scripting XSS vulnerability...

5.5AI score0.00587EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/09/21 3:45 p.m.31 views

CVE-2022-41238

A missing permission check in Jenkins DotCi Plugin 2.40.00 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to the attacker-specified repository for attacker-specified commits...

9.7AI score0.00879EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/09/21 3:45 p.m.7 views

CVE-2022-41238

A missing permission check in Jenkins DotCi Plugin 2.40.00 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to the attacker-specified repository for attacker-specified commits...

9.5AI score0.00879EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/09/21 3:45 p.m.5 views

CVE-2022-41237

Jenkins DotCi Plugin 2.40.00 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability...

7.7AI score0.0136EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/09/21 12:0 a.m.6 views

PT-2022-25754 · Jenkins · Jenkins +1

Name of the Vulnerable Software and Affected Versions: Jenkins DotCi Plugin versions 2.40.00 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability due to the failure to escape the GitHub user name parameter provided to commit notifications when displaying...

5.4CVSS5.2AI score0.00587EPSS
Exploits0References9
CNNVD
CNNVD
added 2022/09/21 12:0 a.m.4 views

Jenkins DotCi Plugin 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

9.8CVSS8.3AI score0.00879EPSS
Exploits0References3
Rows per page
Query Builder