4 matches found
EUVD-2026-37897
Woodpecker is a CI/CD engine. Starting in version 3.0.0 and prior to version 3.14.1, a vulnerability in Woodpecker CI's gRPC layer allowed any authenticated agent to impersonate any other agent on the same server by injecting a forged agentid value into outgoing gRPC metadata. The server correctl...
Improper Verification of Cryptographic Signature
Overview net.gleske:jervis is a Self service Jenkins job generation using Jenkins Job DSL plugin groovy scripts. Reads .jervis.yml and generates a job in Jenkins. Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the JWT verification process. ...
VulnCheck KEV: CVE-2024-36111
KubePi is a K8s panel. Starting in version 1.6.3 and prior to version 1.8.0, there is a defect in the KubePi JWT token verification. The JWT key in the default configuration file is empty. Although a random 32-bit string will be generated to overwrite the key in the configuration file when the...
Exploit for Authentication Bypass by Spoofing in Python-Jwt_Project Python-Jwt
CVE-2022-39227 CVE-2022-39227 : Proof of Concept Proof of co...