10 matches found
RHCOS 4 : OpenShift Container Platform 4.6.59 (RHSA-2022:4947)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:4947 advisory. - cri-o: memory exhaustion on the node when access to the kube api CVE-2022-1708 - credentials: Stored XSS vulnerabilities in jenkin...
CVE-2022-27213
Jenkins Environment Dashboard Plugin 1.1.10 and earlier does not escape the Environment order and the Component order configuration values in its views, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with View/Configure permission...
CVE-2022-27200
Jenkins Folder-based Authorization Strategy Plugin 1.3 and earlier does not escape the names of roles shown on the configuration form, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Overall/Administer permission...
EUVD-2022-1405
Malicious code in bioql PyPI...
EUVD-2022-7515
Malicious code in bioql PyPI...
EUVD-2022-0585
Malicious code in bioql PyPI...
CVE-2024-52552
Jenkins Authorize Project Plugin 1.7.2 and earlier evaluates a string containing the job name with JavaScript on the Authorization view, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2022-45387
Jenkins BART Plugin 1.0.3 and earlier does not escape the parsed content of build logs before rendering it on the Jenkins UI, resulting in a stored cross-site scripting XSS vulnerability...
CVE-2022-34176
Jenkins JUnit Plugin 1119.vaa5e9068dad7 and earlier does not escape descriptions of test results, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Run/Update permission...
CVE-2020-2269
Jenkins chosen-views-tabbar Plugin 1.2 and earlier does not escape view names in the dropdown to select views, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with the ability to configure views...