Lucene search
+L

13 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-6358

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00609EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.22 views

EUVD-2022-6410

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00891EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-6355

Malicious code in bioql PyPI...

8CVSS7.8AI score0.0047EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 11:5 p.m.9 views

CVE-2022-34792

A cross-site request forgery CSRF vulnerability in Jenkins Recipe Plugin 1.2 and earlier allows attackers to send an HTTP request to an attacker-specified URL and parse the response as XML...

8CVSS6.8AI score0.0047EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:3 p.m.19 views

CVE-2022-34793

Jenkins Recipe Plugin 1.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

8.8CVSS6.7AI score0.00891EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:2 p.m.8 views

CVE-2022-34794

Missing permission checks in Jenkins Recipe Plugin 1.2 and earlier allow attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML...

6.5CVSS6.6AI score0.00609EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2022/07/01 12:1 a.m.28 views

Missing Authorization in Jenkins Recipe Plugin

Missing permission checks in Jenkins Recipe Plugin 1.2 and earlier allow attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML. Additionally, the plugin allows users to export the full configuration of jobs as part of a recipe,...

6.5CVSS6AI score0.00609EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/07/01 12:1 a.m.19 views

GHSA-J33R-CGM6-PV48 Missing Authorization in Jenkins Recipe Plugin

Missing permission checks in Jenkins Recipe Plugin 1.2 and earlier allow attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML. Additionally, the plugin allows users to export the full configuration of jobs as part of a recipe,...

7.1CVSS6.5AI score0.00609EPSS
Exploits0References3
NVD
NVD
added 2022/06/30 6:15 p.m.24 views

CVE-2022-34792

A cross-site request forgery CSRF vulnerability in Jenkins Recipe Plugin 1.2 and earlier allows attackers to send an HTTP request to an attacker-specified URL and parse the response as XML...

8CVSS0.0047EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/06/30 6:15 p.m.1 views

CVE-2022-34793

Jenkins Recipe Plugin 1.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

8.8CVSS5.9AI score0.00891EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/06/30 5:47 p.m.40 views

CVE-2022-34793

Jenkins Recipe Plugin 1.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

8.9AI score0.00891EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/06/30 5:47 p.m.28 views

CVE-2022-34792

A cross-site request forgery CSRF vulnerability in Jenkins Recipe Plugin 1.2 and earlier allows attackers to send an HTTP request to an attacker-specified URL and parse the response as XML...

8.1AI score0.0047EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/06/30 12:0 a.m.5 views

PT-2022-22345 · Jenkins · Jenkins Recipe Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Recipe Plugin versions 1.2 and earlier Description: The issue is related to the configuration of the XML parser, which does not prevent XML external entity XXE attacks. This allows for potential exploitation. Recommendations: For...

8.8CVSS8.4AI score0.00891EPSS
Exploits0References5
Rows per page
Query Builder