6 matches found
EUVD-2022-3876
Malicious code in bioql PyPI...
GHSA-2R46-CWGM-VVJX Missing permission check in Jenkins jenkins-reviewbot Plugin
A missing permission check in Jenkins jenkins-reviewbot Plugin in the ReviewboardDescriptordoTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server...
Missing permission check in Jenkins jenkins-reviewbot Plugin
A missing permission check in Jenkins jenkins-reviewbot Plugin in the ReviewboardDescriptordoTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server...
CloudBees Jenkins jenkins-reviewbot plugin cross-site request forgery vulnerability
CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version of the release/test project and some timed tasks . jenkins-reviewbot Plugin is used in one o...
CVE-2019-10279
The CVE-2019-10279 entry describes a missing permission check in the Jenkins jenkins-reviewbot Plugin, specifically in the ReviewboardDescriptor#doTestConnection form validation. This allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server. Concrete ...
CVE-2019-10278
CVE-2019-10278 affects the Jenkins jenkins-reviewbot plugin, specifically the ReviewboardDescriptor#doTestConnection form validation. The vulnerability is a cross-site request forgery (CSRF) that allows an attacker to initiate a connection to an attacker-specified server. The root cause is insuff...