Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:48 a.m.8 views

CVE-2022-27201

Jenkins Semantic Versioning Plugin 1.13 and earlier does not restrict execution of an controller/agent message to agents, and implements no limitations about the file path that can be parsed, allowing attackers able to control agent processes to have Jenkins parse a crafted file that uses externa...

6.5CVSS6.7AI score0.01347EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2023/01/26 9:30 p.m.32 views

Agent-to-controller security bypass in Jenkins Semantic Versioning Plugin

Jenkins Semantic Versioning Plugin 1.14 and earlier does not restrict execution of an controller/agent message to agents, and implements no limitations about the file path that can be parsed, allowing attackers able to control agent processes to have Jenkins parse a crafted file that uses externa...

9.8CVSS8.9AI score0.01314EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2023/01/26 9:18 p.m.36 views

CVE-2023-24429

Jenkins Semantic Versioning Plugin 1.14 and earlier does not restrict execution of an controller/agent message to agents, and implements no limitations about the file path that can be parsed, allowing attackers able to control agent processes to have Jenkins parse a crafted file that uses externa...

9.8CVSS9.4AI score0.01314EPSS
Exploits0References1
Prion
Prion
added 2022/03/15 5:15 p.m.19 views

Server side request forgery (ssrf)

Jenkins Semantic Versioning Plugin 1.13 and earlier does not restrict execution of an controller/agent message to agents, and implements no limitations about the file path that can be parsed, allowing attackers able to control agent processes to have Jenkins parse a crafted file that uses externa...

4CVSS6.4AI score0.01347EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder