Lucene search
K

16 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:30 a.m.7 views

CVE-2019-16540

A path traversal vulnerability in Jenkins Support Core Plugin 2.63 and earlier allows attackers with Overall/Read permission to delete arbitrary files on the Jenkins master...

6.5CVSS6.7AI score0.01606EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2022-0841

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00951EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-4279

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00715EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-1970

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.01606EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-3275

Malicious code in bioql PyPI...

5.3CVSS5.4AI score0.01206EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 12:17 a.m.10 views

CVE-2022-45383

An incorrect permission check in Jenkins Support Core Plugin 1206.v14049fabd860 and earlier allows attackers with Support/DownloadBundle permission to download a previously created support bundle containing information limited to users with Overall/Administer permission...

6.5CVSS6.3AI score0.00649EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:4 a.m.8 views

CVE-2022-25187

Jenkins Support Core Plugin 2.79 and earlier does not redact some sensitive information in the support bundle...

6.5CVSS6.3AI score0.00951EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:11 p.m.8 views

CVE-2021-21621

Jenkins Support Core Plugin 2.72 and earlier provides the serialized user authentication as part of the "About user basic authentication details only" information, which can include the session ID of the user creating the support bundle in some configurations...

5.3CVSS7AI score0.01206EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:16 a.m.9 views

CVE-2019-16539

A missing permission check in Jenkins Support Core Plugin 2.63 and earlier allows attackers with Overall/Read permission to delete support bundles...

6.5CVSS6.6AI score0.00715EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 4:8 a.m.4 views

SUSE CVE-2019-16539

A missing permission check in Jenkins Support Core Plugin 2.63 and earlier allows attackers with Overall/Read permission to delete support bundles...

6.5CVSS6.3AI score0.00715EPSS
Exploits0References3
NVD
NVD
added 2022/11/15 8:15 p.m.24 views

CVE-2022-45383

An incorrect permission check in Jenkins Support Core Plugin 1206.v14049fabd860 and earlier allows attackers with Support/DownloadBundle permission to download a previously created support bundle containing information limited to users with Overall/Administer permission...

6.5CVSS0.00649EPSS
Exploits0References2
Prion
Prion
added 2022/11/15 8:15 p.m.17 views

Code injection

An incorrect permission check in Jenkins Support Core Plugin 1206.v14049fabd860 and earlier allows attackers with Support/DownloadBundle permission to download a previously created support bundle containing information limited to users with Overall/Administer permission...

4CVSS6.1AI score0.00649EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/11/15 12:0 a.m.6 views

CVE-2022-45383

An incorrect permission check in Jenkins Support Core Plugin 1206.v14049fabd860 and earlier allows attackers with Support/DownloadBundle permission to download a previously created support bundle containing information limited to users with Overall/Administer permission...

6.3AI score0.00649EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2022/02/16 12:1 a.m.34 views

Jenkins Support Core Plugin stores sensitive data in plain text

Jenkins Support Core Plugin 2.79 and earlier does not redact some sensitive information in the support bundle. Support Core Plugin 2.79.1 adds a list of keywords whose associated values are redacted...

6.5CVSS6AI score0.00951EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2022/02/15 5:15 p.m.17 views

Design/Logic Flaw

Jenkins Support Core Plugin 2.79 and earlier does not redact some sensitive information in the support bundle...

4CVSS6.2AI score0.00951EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2021/02/26 12:0 a.m.8 views

CloudBees Jenkins Support Core Plugin Information Disclosure Vulnerability

Jenkins Support Core is a Jenkins open source application plugin . Provides in Jenkins to generate support information "bundle" of the basic infrastructure . An information disclosure vulnerability exists in Jenkins Support Core Plugin version 2.72 and earlier. The vulnerability stems from the...

5.3CVSS6.2AI score0.01206EPSS
Exploits0References1
Rows per page
Query Builder