Lucene search
K

17 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:15 p.m.10 views

CVE-2018-1000105

An improper authorization vulnerability exists in Jenkins Gerrit Trigger Plugin 2.27.4 and earlier in GerritManagement.java, GerritServer.java, and PluginImpl.java that allows an attacker with Overall/Read access to retrieve some configuration information about Gerrit in Jenkins...

4.3CVSS6.3AI score0.00676EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-5387

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.00691EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.18 views

EUVD-2023-0422

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00487EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-2436

Malicious code in bioql PyPI...

5.5CVSS5.6AI score0.00622EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 3:21 a.m.9 views

CVE-2023-24423

A cross-site request forgery CSRF vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit...

6.5CVSS6.7AI score0.00487EPSS
Exploits0References1
NVD
NVD
added 2023/01/26 9:18 p.m.60 views

CVE-2023-24423

A cross-site request forgery CSRF vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit...

6.5CVSS6.4AI score0.00487EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/01/24 12:0 a.m.3 views

PT-2023-19583 · Jenkins · Jenkins Gerrit Trigger Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Gerrit Trigger Plugin versions 2.38.0 and earlier Description: A cross-site request forgery CSRF issue allows attackers to rebuild previous builds triggered by Gerrit. This can be exploited to manipulate build processes...

6.5CVSS6.3AI score0.00487EPSS
Exploits0References6
Cvelist
Cvelist
added 2023/01/24 12:0 a.m.52 views

CVE-2023-24423

A cross-site request forgery CSRF vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit...

6.6AI score0.00487EPSS
Exploits0References1
OSV
OSV
added 2022/04/13 12:0 a.m.27 views

GHSA-455J-8HG5-8576 Stored Cross-site Scripting vulnerability in Jenkins Gerrit Trigger Plugin

Jenkins Gerrit Trigger Plugin 2.35.2 and earlier does not escape the name and description of parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission. Exploitation of these vulnerabilities...

8CVSS5.7AI score0.00798EPSS
Exploits0References4
NVD
NVD
added 2022/04/12 8:15 p.m.25 views

CVE-2022-29039

Jenkins Gerrit Trigger Plugin 2.35.2 and earlier does not escape the name and description of Base64 Encoded String parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS0.00798EPSS
Exploits0References1
Prion
Prion
added 2022/04/12 8:15 p.m.23 views

Cross site scripting

Jenkins Gerrit Trigger Plugin 2.35.2 and earlier does not escape the name and description of Base64 Encoded String parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

3.5CVSS5.3AI score0.00798EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2019/12/17 3:15 p.m.33 views

CVE-2019-16551

A cross-site request forgery vulnerability in Jenkins Gerrit Trigger Plugin 2.30.1 and earlier allows attackers to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials...

8.8CVSS8.6AI score0.00691EPSS
Exploits0References2
Prion
Prion
added 2019/12/17 3:15 p.m.21 views

Cross site request forgery (csrf)

A cross-site request forgery vulnerability in Jenkins Gerrit Trigger Plugin 2.30.1 and earlier allows attackers to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials...

6.8CVSS8.6AI score0.00691EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/12/17 2:40 p.m.29 views

CVE-2019-16552

A missing permission check in Jenkins Gerrit Trigger Plugin 2.30.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials, or determine the existence of a file with a given path on the Jenkins maste...

5.3AI score0.00622EPSS
Exploits0References2
CVE
CVE
added 2019/12/17 2:40 p.m.71 views

CVE-2019-16552

CVE-2019-16552 affects Jenkins Gerrit Trigger Plugin (versions 2.30.1 and earlier). Root cause: a missing permission check allows attackers with Overall/Read to connect to an attacker-specified HTTP/SSH endpoint using attacker-specified credentials, and to determine the existence of a file on the...

5.5CVSS5.3AI score0.00622EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/12/17 2:40 p.m.27 views

CVE-2019-16551

A cross-site request forgery vulnerability in Jenkins Gerrit Trigger Plugin 2.30.1 and earlier allows attackers to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials...

8.7AI score0.00691EPSS
Exploits0References2
NVD
NVD
added 2018/03/13 1:29 p.m.32 views

CVE-2018-1000105

An improper authorization vulnerability exists in Jenkins Gerrit Trigger Plugin 2.27.4 and earlier in GerritManagement.java, GerritServer.java, and PluginImpl.java that allows an attacker with Overall/Read access to retrieve some configuration information about Gerrit in Jenkins...

4.3CVSS4.4AI score0.00676EPSS
Exploits0References1
Rows per page
Query Builder