Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-3876

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.01296EPSS
Exploits0References4
OSV
OSV
added 2022/05/13 1:15 a.m.14 views

GHSA-2R46-CWGM-VVJX Missing permission check in Jenkins jenkins-reviewbot Plugin

A missing permission check in Jenkins jenkins-reviewbot Plugin in the ReviewboardDescriptordoTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server...

6.5CVSS6.3AI score0.01486EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/05/13 1:15 a.m.19 views

Missing permission check in Jenkins jenkins-reviewbot Plugin

A missing permission check in Jenkins jenkins-reviewbot Plugin in the ReviewboardDescriptordoTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server...

6.5CVSS6.5AI score0.01486EPSS
Exploits0References5Affected Software1
CNVD
CNVD
added 2019/04/15 12:0 a.m.4 views

CloudBees Jenkins jenkins-reviewbot plugin cross-site request forgery vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version of the release/test project and some timed tasks . jenkins-reviewbot Plugin is used in one o...

6.5CVSS6.8AI score0.01296EPSS
Exploits0References1
CVE
CVE
added 2019/04/04 3:38 p.m.63 views

CVE-2019-10279

The CVE-2019-10279 entry describes a missing permission check in the Jenkins jenkins-reviewbot Plugin, specifically in the ReviewboardDescriptor#doTestConnection form validation. This allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server. Concrete ...

6.5CVSS6.2AI score0.01486EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2019/04/04 3:38 p.m.59 views

CVE-2019-10278

CVE-2019-10278 affects the Jenkins jenkins-reviewbot plugin, specifically the ReviewboardDescriptor#doTestConnection form validation. The vulnerability is a cross-site request forgery (CSRF) that allows an attacker to initiate a connection to an attacker-specified server. The root cause is insuff...

6.5CVSS6.3AI score0.01296EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder