Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-5490

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.01041EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2024-0334

Malicious code in bioql PyPI...

4.3CVSS4.7AI score0.00691EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2024/01/24 6:31 p.m.7 views

aendter.jenkins.plugins:filesystem-list-parameter-plugin (=0.0.6), br.com.ingenieux.jenkins.plugins:codecommit-url-helper (=0.0.1) +192 more potentially affected by CVE-2024-23900 via org.jenkins-ci.plugins:matrix-project (>=1.0 <=822.v01b_8c85d16d2)

org.jenkins-ci.plugins:matrix-project MAVEN version =1.0, =1.0.5.0, =0.2, =1.0.0, =1.9.2-beta, =0.5, =1.29, =1.14.0, =4.1.1, =1.1.1, =1.0.0, =1.0.1, =1.1.3, =1.7.2, =1.8.2 and more Source cves: CVE-2024-23900 Source advisory: OSV:GHSA-CJGM-9VC9-56MX...

4.3CVSS5.8AI score0.00691EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/01/24 5:52 p.m.2 views

CVE-2024-23900

Jenkins Matrix Project Plugin 822.v01b8c85d16d2 and earlier does not sanitize user-defined axis names of multi-configuration projects, allowing attackers with Item/Configure permission to create or replace any config.xml files on the Jenkins controller file system with content not controllable by...

6.9AI score0.00691EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2022/05/24 5:23 p.m.4 views

aendter.jenkins.plugins:filesystem-list-parameter-plugin (=0.0.6), com.btc.ep:btc-embeddedplatform (>=1.9.2-beta <=2.5.9) +33 more potentially affected by CVE-2020-2224 via org.jenkins-ci.plugins:matrix-project (>=1.0 <=1.14)

org.jenkins-ci.plugins:matrix-project MAVEN version =1.0, =1.9.2-beta, =0.5, =1.28, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.0, =1.4.2, =0.34, =1.561, =1.599 - org.jenkins-ci.plugins:Matrix-sorter-plugin =1.3 and more Source cves: CVE-2020-2224 Source advisory: OSV:GHSA-H6QC-455M-7V6V...

5.4CVSS6.4AI score0.00919EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/01/12 8:15 p.m.6 views

CVE-2022-20615

Jenkins Matrix Project Plugin 1.19 and earlier does not escape HTML metacharacters in node and label names, and label descriptions, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Agent/Configure permission...

5.4CVSS6.5AI score0.81842EPSS
Exploits0References4
VulnCheck KEV
VulnCheck KEV
added 2021/10/13 12:0 a.m.3 views

VulnCheck KEV: CVE-2019-1003030

Jenkins Matrix Project plugin contains a vulnerability which can allow users to escape the sandbox, opening opportunity to perform remote code execution...

9.9CVSS7.7AI score0.75594EPSS
Exploits4References1
Veracode
Veracode
added 2019/05/16 3:58 a.m.29 views

Sandbox Protection Bypass

Jenkins Matrix Project Plugin is vulnerable to sandbox protection bypass vulnerability. This exists in the src/main/java/hudson/matrix/FilterScript.java which allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM...

9.9CVSS9.5AI score0.03394EPSS
Exploits0References4Affected Software1
RedHat Linux
RedHat Linux
added 2019/04/10 6:34 p.m.8 views

jenkins-matrix-project-plugin: sandbox bypass in matrix project plugin

A flaw was found in the Jenkins Matrix Project plugin version 1.13. An attacker with Job/Configure permission can bypass the sandbox and can execute arbitrary code on the Jenkins master JVM. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...

9.9CVSS6.1AI score0.03394EPSS
Exploits0References5
Prion
Prion
added 2019/03/08 9:29 p.m.23 views

Security feature bypass

A sandbox bypass vulnerability exists in Jenkins Matrix Project Plugin 1.13 and earlier in pom.xml, src/main/java/hudson/matrix/FilterScript.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM...

6.5CVSS9.7AI score0.03394EPSS
Exploits0References3Affected Software2
OpenVAS
OpenVAS
added 2015/07/07 12:0 a.m.28 views

Fedora Update for jenkins-matrix-project-plugin FEDORA-2015-5643

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.7AI score0.02523EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/01/05 12:0 a.m.14 views

Fedora Update for jenkins-matrix-project-plugin FEDORA-2014-15776

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Rows per page
Query Builder