CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

26 matches found

Tenable Nessus•added 2026/05/04 12:0 a.m.•4 views

RHCOS 3 : Red Hat OpenShift Container Platform 3.11 jenkins-2-plugins (RHSA-2019:1423)

The remote Red Hat Enterprise Linux CoreOS 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:1423 advisory. - jenkins-plugin-script-security: Sandbox bypass in Script Security Plugin and Pipeline: Groovy Plugin SECURITY-1353 CVE-2019-100304...

9.8CVSS5.8AI score0.01799EPSS

Exploits0References8

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-5621

Malicious code in bioql PyPI...

5.4CVSS5.9AI score0.00088EPSS

Exploits0References7

RedhatCVE•added 2025/05/22 4:3 p.m.•10 views

CVE-2020-2281

A cross-site request forgery CSRF vulnerability in Jenkins Lockable Resources Plugin 2.8 and earlier allows attackers to reserve, unreserve, unlock, and reset resources...

5.8CVSS6.7AI score0.00122EPSS

Exploits0

vulnersOsv•added 2022/11/16 12:0 p.m.•0 views

com.sonyericsson.hudson.plugins.rebuild:rebuild (>=320.v5a_0933a_e7d61 <=332.va_1ee476d8f6d), jp.ikedam.jenkins.plugins:scoring-load-balancer (=70.v7896fb_81f0c1) +5 more potentially affected by CVE-2022-45380 via org.jenkins-ci.plugins:junit (=1119.1121.vc43d0fc45561)

org.jenkins-ci.plugins:junit MAVEN version =1119.1121.vc43d0fc45561 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:junit and may be impacted: - com.sonyericsson.hudson.plugins.rebuild:rebuild =320.v5a0933ae7d61,...

5.4CVSS6AI score0.02201EPSS

Exploits0

vulnersOsv•added 2022/05/24 5:29 p.m.•2 views

org.waveywaves.jenkins.plugins:tekton-client (=1.1.0) potentially affected by CVE-2020-2281 via org.6wind.jenkins:lockable-resources (=2.3)

org.6wind.jenkins:lockable-resources MAVEN version =2.3 is affected by a known vulnerability. The following packages have a transitive dependency on org.6wind.jenkins:lockable-resources and may be impacted: - org.waveywaves.jenkins.plugins:tekton-client =1.1.0 Source cves: CVE-2020-2281 Source...

5.8CVSS6AI score0.00122EPSS

Exploits0

OSV•added 2022/05/24 5:29 p.m.•19 views

GHSA-RVWW-W62M-HCH8 CSRF vulnerability in Jenkins Lockable Resources Plugin

Lockable Resources Plugin 2.8 and earlier does not require POST requests for several HTTP endpoints, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to reserve, unreserve, unlock, and reset resources. Lockable Resources Plugin 2.9 requires POST...

5.4CVSS5.4AI score0.00122EPSS

Exploits0References5

Github Security Blog•added 2022/05/24 5:29 p.m.•15 views

CSRF vulnerability in Jenkins Lockable Resources Plugin

5.8CVSS5.5AI score0.00122EPSS

Exploits0References5Affected Software1

Github Security Blog•added 2022/05/13 1:25 a.m.•18 views

Jenkins Lockable Resources Plugin XSS vulnerability

A cross site scripting vulnerability in Jenkins Lockable Resources Plugin 2.4 and earlier allows attackers able to control resource names to inject arbitrary JavaScript in web pages rendered by the plugin...

5.4CVSS5.9AI score0.00088EPSS

Exploits0References7Affected Software1

OSV•added 2022/05/13 1:25 a.m.•15 views

GHSA-WQJJ-C9CX-Q7CF Jenkins Lockable Resources Plugin XSS vulnerability

5.4CVSS5.4AI score0.00088EPSS

Exploits0References7

vulnersOsv•added 2022/05/13 1:25 a.m.•3 views

org.waveywaves.jenkins.plugins:tekton-client (=1.1.0) potentially affected by CVE-2019-1003042 via org.6wind.jenkins:lockable-resources (=2.3)

5.4CVSS6.4AI score0.00088EPSS

Exploits0

NVD•added 2020/09/23 2:15 p.m.•10 views

CVE-2020-2281

A cross-site request forgery CSRF vulnerability in Jenkins Lockable Resources Plugin 2.8 and earlier allows attackers to reserve, unreserve, unlock, and reset resources...

5.8CVSS0.00122EPSS

Exploits0References2

OSV•added 2020/09/23 2:15 p.m.•14 views

CVE-2020-2281

A cross-site request forgery CSRF vulnerability in Jenkins Lockable Resources Plugin 2.8 and earlier allows attackers to reserve, unreserve, unlock, and reset resources...

5.4CVSS6.7AI score

Exploits0References2

Prion•added 2020/09/23 2:15 p.m.•17 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins Lockable Resources Plugin 2.8 and earlier allows attackers to reserve, unreserve, unlock, and reset resources...

5.8CVSS5.4AI score0.00122EPSS

Exploits0References2Affected Software1

Cvelist•added 2020/09/23 1:10 p.m.•14 views

CVE-2020-2281

A cross-site request forgery CSRF vulnerability in Jenkins Lockable Resources Plugin 2.8 and earlier allows attackers to reserve, unreserve, unlock, and reset resources...

5.4AI score0.00122EPSS

Exploits0References2

CVE•added 2020/09/23 1:10 p.m.•62 views

CVE-2020-2281

The CVE-2020-2281 issue affects Jenkins Lockable Resources Plugin versions 2.8 and earlier. The root cause is CSRF due to endpoints not requiring POST, allowing attackers to reserve, unreserve, unlock, and reset resources. Impact is limited to the affected plugin’s resources as described in the s...

5.8CVSS5.4AI score0.00122EPSS

Exploits0References2Affected Software1

Positive Technologies•added 2020/09/23 12:0 a.m.•3 views

PT-2020-15510 · Jenkins · Jenkins Lockable Resources Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Lockable Resources Plugin versions 2.8 and earlier Description: A cross-site request forgery CSRF vulnerability allows attackers to reserve, unreserve, unlock, and reset resources. This issue arises because the plugin does not require...

5.8CVSS5.5AI score0.00122EPSS

Exploits0References8

RedhatCVE•added 2019/10/08 11:12 a.m.•21 views

CVE-2019-1003042

6.1CVSS3.8AI score0.00088EPSS

Exploits0References4

BDU FSTEC•added 2019/07/11 12:0 a.m.•1 views

The vulnerability of the Jenkins Lockable Resources plugin arises from the lack of protective measures for website structures, allowing attackers to inject arbitrary JavaScript code into loaded web pages.

The vulnerability of the Jenkins Lockable Resources plugin exists due to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to inject arbitrary JavaScript code into the web pages displayed by the plugin...

6.4CVSS5.7AI score0.00088EPSS

Exploits0References4Affected Software2

RedHat Linux•added 2019/06/10 4:58 p.m.•4 views

jenkins-plugin-lockable-resources: XSS vulnerability in Lockable Resources Plugin (SECURITY-1361)

5.4CVSS5.3AI score0.00088EPSS

Exploits0References5

CNVD•added 2019/04/01 12:0 a.m.•1 views

CloudBees Jenkins Cross-Site Scripting Vulnerability (CNVD-2019-09292)

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software release/testing projects and some timed tasks . Lockable Resources Plugin is used in one of the globa...

5.4CVSS6.4AI score0.00088EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by