Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:15 p.m.9 views

CVE-2018-1000011

Jenkins FindBugs Plugin 4.71 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks...

8.8CVSS6.7AI score0.00946EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-4815

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.00946EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-1902

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00852EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 4:30 p.m.10 views

CVE-2020-2317

Jenkins FindBugs Plugin 5.0.0 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide report files to Jenkins FindBugs Plugin's post build step...

5.4CVSS5.4AI score0.00852EPSS
Exploits0
NVD
NVD
added 2020/11/04 3:15 p.m.35 views

CVE-2020-2317

Jenkins FindBugs Plugin 5.0.0 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide report files to Jenkins FindBugs Plugin's post build step...

5.4CVSS5.2AI score0.00852EPSS
Exploits0References1
Prion
Prion
added 2020/11/04 3:15 p.m.16 views

Cross site scripting

Jenkins FindBugs Plugin 5.0.0 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide report files to Jenkins FindBugs Plugin's post build step...

3.5CVSS5.2AI score0.00852EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2020/11/04 12:0 a.m.5 views

PT-2020-15551 · Jenkins · Jenkins Findbugs Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins FindBugs Plugin versions 5.0.0 and earlier Description: The issue is related to a stored cross-site scripting XSS vulnerability. It occurs because the annotation message in tooltips is not properly escaped, allowing attackers to injec...

5.4CVSS5.1AI score0.00852EPSS
Exploits0References7
AlpineLinux
AlpineLinux
added 2018/01/23 2:0 p.m.30 views

CVE-2018-1000011

Jenkins FindBugs Plugin 4.71 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks...

8.8CVSS5.4AI score0.00946EPSS
Exploits0References1
Rows per page
Query Builder