CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

86 matches found

Tenable Nessus•added 2026/05/06 12:0 a.m.•9 views

RHCOS 4 : OpenShift Container Platform 4.5.6 (RHSA-2020:3453)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3453 advisory. - jenkins-credentials-binding-plugin: information disclosure in build log when build contains no build steps CVE-2020-2181 -...

7.5CVSS5.8AI score0.01359EPSS

Exploits1References12

Tenable Nessus•added 2026/05/06 12:0 a.m.•7 views

RHCOS 4 : OpenShift Container Platform 4.3.40 jenkins-2-plugins (RHSA-2020:4265)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:4265 advisory. - jenkins-credentials-binding-plugin: information disclosure in build log when build contains no build steps CVE-2020-2181 -...

6.5CVSS5.8AI score0.01078EPSS

Exploits0References13

Tenable Nessus•added 2026/05/04 12:0 a.m.•4 views

RHCOS 3 : Red Hat OpenShift Container Platform 3.11 jenkins-2-plugins (RHSA-2019:0739)

The remote Red Hat Enterprise Linux CoreOS 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:0739 advisory. - jenkins-plugin-script-security: Sandbox Bypass in Script Security Plugin SECURITY-1292 CVE-2019-1003005 -...

9.9CVSS6AI score0.75961EPSS

Exploits6References14

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-5490

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.01033EPSS

Exploits0References9

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2024-0334

Malicious code in bioql PyPI...

4.3CVSS4.7AI score0.00691EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-4089

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00912EPSS

Exploits0References9

RedHat Linux•added 2024/07/17 6:49 p.m.•3 views

jenkins-2-plugins: matrix-project plugin path traversal vulnerability

A flaw was found in The Matrix Project Plugin for Jenkins, which does not sanitize user-defined axis names of multi-configuration projects submitted through the config.xml REST API endpoint. This issue may allow attackers with Item/Configure permission to create or replace any config.xml file on...

4.3CVSS5.8AI score0.00691EPSS

Exploits0References6

RedHat Linux•added 2024/06/05 2:47 p.m.•6 views

jenkins-2-plugins: matrix-project plugin path traversal vulnerability

4.3CVSS5.8AI score0.00691EPSS

Exploits0References6

RedHat Linux•added 2024/06/05 2:47 p.m.•5 views

jenkins-2-plugins: matrix-project plugin path traversal vulnerability

4.3CVSS5.8AI score0.00691EPSS

Exploits0References6

RedHat Linux•added 2024/06/05 2:46 p.m.•5 views

jenkins-2-plugins: matrix-project plugin path traversal vulnerability

4.3CVSS5.8AI score0.00691EPSS

Exploits0References6

BDU FSTEC•added 2024/04/15 12:0 a.m.•6 views

The vulnerability of the Jenkins Git Matrix Project plugin, related to incorrect restrictions on the path to the restricted access directory, allows attackers to compromise the integrity of the protected information.

The vulnerability of the Jenkins Git Matrix Project plugin is related to the lack of cleaning of user-defined project names with multiple configurations. Exploiting this vulnerability allows a malicious actor to compromise the integrity of the protected information...

4.3CVSS5.4AI score0.00691EPSS

Exploits0References3Affected Software2

vulnersOsv•added 2024/01/24 6:31 p.m.•5 views

aendter.jenkins.plugins:filesystem-list-parameter-plugin (=0.0.6), br.com.ingenieux.jenkins.plugins:codecommit-url-helper (=0.0.1) +192 more potentially affected by CVE-2024-23900 via org.jenkins-ci.plugins:matrix-project (>=1.0 <=822.v01b_8c85d16d2)

org.jenkins-ci.plugins:matrix-project MAVEN version =1.0, =1.0.5.0, =0.2, =1.0.0, =1.9.2-beta, =0.5, =1.29, =1.14.0, =4.1.1, =1.1.1, =1.0.0, =1.0.1, =1.1.3, =1.7.2, =1.8.2 and more Source cves: CVE-2024-23900 Source advisory: OSV:GHSA-CJGM-9VC9-56MX...

4.3CVSS5.8AI score0.00691EPSS

Exploits0

Github Security Blog•added 2024/01/24 6:31 p.m.•43 views

Path traversal vulnerability in Jenkins Matrix Project Plugin

Jenkins Matrix Project Plugin 822.v01b8c85d16d2 and earlier does not sanitize user-defined axis names of multi-configuration projects submitted through the config.xml REST API endpoint. This allows attackers with Item/Configure permission to create or replace any config.xml file on the Jenkins...

4.3CVSS4.4AI score0.00691EPSS

Exploits0References5Affected Software1

OSV•added 2024/01/24 6:31 p.m.•29 views

GHSA-CJGM-9VC9-56MX Path traversal vulnerability in Jenkins Matrix Project Plugin

4.6CVSS6.4AI score0.00691EPSS

Exploits0References5

NVD•added 2024/01/24 6:15 p.m.•23 views

CVE-2024-23900

Jenkins Matrix Project Plugin 822.v01b8c85d16d2 and earlier does not sanitize user-defined axis names of multi-configuration projects, allowing attackers with Item/Configure permission to create or replace any config.xml files on the Jenkins controller file system with content not controllable by...

4.3CVSS4.8AI score0.00691EPSS

Exploits0References2

OSV•added 2024/01/24 6:15 p.m.•31 views

CVE-2024-23900

4.3CVSS6.5AI score

Exploits0References2

Cvelist•added 2024/01/24 5:52 p.m.•39 views

CVE-2024-23900

5.1AI score0.00691EPSS

Exploits0References2

CVE•added 2024/01/24 5:52 p.m.•386 views

CVE-2024-23900

CVE-2024-23900 affects Jenkins Matrix Project Plugin 822.v01b_8c85d16d2 and earlier. The flaw: the plugin does not sanitize user-defined axis names for multi-configuration projects, allowing attackers with Item/Configure permission to write or replace config.xml files on the Jenkins controller fi...

4.3CVSS4.6AI score0.00691EPSS

Exploits0References2Affected Software1