10 matches found
EUVD-2023-1151
Malicious code in bioql PyPI...
EUVD-2022-0661
Malicious code in bioql PyPI...
CVE-2023-30532
A missing permission check in Jenkins TurboScript Plugin 1.3 and earlier allows attackers with Item/Read permission to trigger builds of jobs corresponding to the attacker-specified repository...
CVE-2023-30522
A missing permission check in Jenkins Fogbugz Plugin 2.2.17 and earlier allows attackers with Item/Read permission to trigger builds of jobs specified in a 'jobname' request parameter...
BIT-JENKINS-2021-21670
Jenkins LTS 2.289.1 and earlier allows users to cancel queue items and abort builds of jobs for which they have Item/Cancel permission even when they do not have Item/Read permission...
CVE-2023-30532
A missing permission check in Jenkins TurboScript Plugin 1.3 and earlier allows attackers with Item/Read permission to trigger builds of jobs corresponding to the attacker-specified repository...
CVE-2023-30522
The CVE-2023-30522 entry refers to a missing permission check in Jenkins Fogbugz Plugin (versions 2.2.17 and earlier) that allows attackers with Item/Read permission to trigger builds of specified jobs via the webhook endpoint at /fbTrigger/. The connected sources (NVD/NASL/Tenable/Red Hat adviso...
CVE-2023-30521
A missing permission check in Jenkins Assembla merge request builder Plugin 1.1.13 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to the attacker-specified repository...
CVE-2022-45385
A missing permission check in Jenkins CloudBees Docker Hub/Registry Notification Plugin 2.6.2 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to the attacker-specified repository...
CVE-2022-45389
A missing permission check in Jenkins XP-Dev Plugin 1.0 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to an attacker-specified repository...