CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

84 matches found

Tenable Nessus•added 2026/05/06 12:0 a.m.•3 views

RHCOS 4 : OpenShift Container Platform 4.3.40 jenkins-2-plugins (RHSA-2020:4265)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:4265 advisory. - jenkins-credentials-binding-plugin: information disclosure in build log when build contains no build steps CVE-2020-2181 -...

6.5CVSS5.8AI score0.00165EPSS

Exploits0References13

Tenable Nessus•added 2026/05/06 12:0 a.m.•4 views

RHCOS 4 : OpenShift Container Platform 4.5.6 (RHSA-2020:3453)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3453 advisory. - jenkins-credentials-binding-plugin: information disclosure in build log when build contains no build steps CVE-2020-2181 -...

7.5CVSS5.8AI score0.00165EPSS

Exploits1References12

Tenable Nessus•added 2026/05/04 12:0 a.m.•3 views

RHCOS 3 : Red Hat OpenShift Container Platform 3.11 jenkins-2-plugins (RHSA-2019:0739)

The remote Red Hat Enterprise Linux CoreOS 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:0739 advisory. - jenkins-plugin-script-security: Sandbox Bypass in Script Security Plugin SECURITY-1292 CVE-2019-1003005 -...

9.9CVSS6AI score0.92647EPSS

Exploits6References14

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-5490

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00165EPSS

Exploits0References9

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2024-0334

Malicious code in bioql PyPI...

4.3CVSS4.7AI score0.00058EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-4089

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00157EPSS

Exploits0References9

RedHat Linux•added 2024/07/17 6:49 p.m.•3 views

jenkins-2-plugins: matrix-project plugin path traversal vulnerability

A flaw was found in The Matrix Project Plugin for Jenkins, which does not sanitize user-defined axis names of multi-configuration projects submitted through the config.xml REST API endpoint. This issue may allow attackers with Item/Configure permission to create or replace any config.xml file on...

4.3CVSS5.8AI score0.00058EPSS

Exploits0References6

RedHat Linux•added 2024/06/05 2:47 p.m.•5 views

jenkins-2-plugins: matrix-project plugin path traversal vulnerability

4.3CVSS5.8AI score0.00058EPSS

Exploits0References6

RedHat Linux•added 2024/06/05 2:47 p.m.•4 views

jenkins-2-plugins: matrix-project plugin path traversal vulnerability

4.3CVSS5.8AI score0.00058EPSS

Exploits0References6

RedHat Linux•added 2024/06/05 2:46 p.m.•5 views

jenkins-2-plugins: matrix-project plugin path traversal vulnerability

4.3CVSS5.8AI score0.00058EPSS

Exploits0References6

OSV•added 2024/01/24 6:31 p.m.•28 views

GHSA-CJGM-9VC9-56MX Path traversal vulnerability in Jenkins Matrix Project Plugin

Jenkins Matrix Project Plugin 822.v01b8c85d16d2 and earlier does not sanitize user-defined axis names of multi-configuration projects submitted through the config.xml REST API endpoint. This allows attackers with Item/Configure permission to create or replace any config.xml file on the Jenkins...

4.6CVSS6.4AI score0.00058EPSS

Exploits0References5

vulnersOsv•added 2024/01/24 6:31 p.m.•3 views

aendter.jenkins.plugins:filesystem-list-parameter-plugin (=0.0.6), br.com.ingenieux.jenkins.plugins:codecommit-url-helper (=0.0.1) +192 more potentially affected by CVE-2024-23900 via org.jenkins-ci.plugins:matrix-project (>=1.0 <=822.v01b_8c85d16d2)

org.jenkins-ci.plugins:matrix-project MAVEN version =1.0, =1.0.5.0, =0.2, =1.0.0, =1.9.2-beta, =0.5, =1.29, =1.14.0, =4.1.1, =1.1.1, =1.0.0, =1.0.1, =1.1.3, =1.7.2, =1.8.2 and more Source cves: CVE-2024-23900 Source advisory: OSV:GHSA-CJGM-9VC9-56MX...

4.3CVSS5.8AI score0.00058EPSS

Exploits0

Github Security Blog•added 2024/01/24 6:31 p.m.•40 views

Path traversal vulnerability in Jenkins Matrix Project Plugin

4.3CVSS4.4AI score0.00058EPSS

Exploits0References5Affected Software1

NVD•added 2024/01/24 6:15 p.m.•21 views

CVE-2024-23900

Jenkins Matrix Project Plugin 822.v01b8c85d16d2 and earlier does not sanitize user-defined axis names of multi-configuration projects, allowing attackers with Item/Configure permission to create or replace any config.xml files on the Jenkins controller file system with content not controllable by...

4.3CVSS4.8AI score0.00058EPSS

Exploits0References2

OSV•added 2024/01/24 6:15 p.m.•27 views

CVE-2024-23900

4.3CVSS6.5AI score

Exploits0References2

AlpineLinux•added 2024/01/24 5:52 p.m.•26 views

CVE-2024-23900

4.3CVSS7AI score0.00058EPSS

Exploits0References2

CVE•added 2024/01/24 5:52 p.m.•373 views

CVE-2024-23900

CVE-2024-23900 affects Jenkins Matrix Project Plugin 822.v01b_8c85d16d2 and earlier. The flaw: the plugin does not sanitize user-defined axis names for multi-configuration projects, allowing attackers with Item/Configure permission to write or replace config.xml files on the Jenkins controller fi...

4.3CVSS4.6AI score0.00058EPSS

Exploits0References2Affected Software1

Cvelist•added 2024/01/24 5:52 p.m.•26 views

CVE-2024-23900

5.1AI score0.00058EPSS

Exploits0References2

Vulnrichment•added 2024/01/24 5:52 p.m.•2 views

CVE-2024-23900

6.9AI score0.00058EPSS

Exploits0References2

Positive Technologies•added 2024/01/24 12:0 a.m.•4 views

PT-2024-2757 · Jenkins +1 · Jenkins Matrix Project Plugin +2

Name of the Vulnerable Software and Affected Versions: Jenkins Matrix Project Plugin versions 822.v01b 8c85d16d2 and earlier Description: The issue is related to the lack of sanitization of user-defined axis names of multi-configuration projects. This allows attackers with Item/Configure permissi...

4.6CVSS6.3AI score0.00058EPSS

Exploits0References12

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by