Lucene search
K

20 matches found

vulnersOsv
vulnersOsv
added 2025/10/29 3:31 p.m.8 views

org.jenkins-ci.plugins:maven-artifact-choicelistprovider (>=1.0.3 <=1.9.2) potentially affected by CVE-2025-64133 via jp.ikedam.jenkins.plugins:extensible-choice-parameter (>=1.3.3 <=1.7.0)

jp.ikedam.jenkins.plugins:extensible-choice-parameter MAVEN version =1.3.3, =1.0.3, =1.9.2 Source cves: CVE-2025-64133 Source advisory: OSV:GHSA-3JW2-5HJG-HC2C...

5.4CVSS5.8AI score0.00236EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/10/29 3:31 p.m.9 views

org.jenkins-ci.plugins:maven-artifact-choicelistprovider (>=1.0.3 <=371.ve708f79022db_) potentially affected by CVE-2025-64133 via jp.ikedam.jenkins.plugins:extensible-choice-parameter (>=1.3.3 <=250.va_1cf60782b_1a_)

jp.ikedam.jenkins.plugins:extensible-choice-parameter MAVEN version =1.3.3, =1.0.3, =371.ve708f79022db Source cves: CVE-2025-64133 Source advisory: SNYK:JAVA-JPIKEDAMJENKINSPLUGINS-13775577...

5.4CVSS5.8AI score0.00236EPSS
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-3796

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00681EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/22 7:7 a.m.7 views

CVE-2018-1999030

An exposure of sensitive information vulnerability exists in Jenkins Maven Artifact ChoiceListProvider Nexus Plugin 1.3.1 and earlier in ArtifactoryChoiceListProvider.java, NexusChoiceListProvider.java, Nexus3ChoiceListProvider.java that allows attackers to capture credentials with a known...

5.4CVSS6.1AI score0.00681EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2024/03/08 12:0 a.m.16 views

Fedora: Security Advisory for maven-resolver (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.2AI score0.02557EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2024/03/08 12:0 a.m.17 views

Fedora: Security Advisory for maven-artifact-transfer (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS9.2AI score0.02557EPSS
Exploits3References2
Fedora
Fedora
added 2024/03/07 10:33 p.m.28 views

[SECURITY] Fedora 40 Update: maven-resolver-1.9.18-3.fc40

Apache Maven Artifact Resolver is a library for working with artifact repositories and dependency resolution. Maven Artifact Resolver deals with the specification of local repository, remote repository, developer workspaces, artifact transports and artifact resolution...

8.8CVSS9AI score0.02557EPSS
Exploits3
Fedora
Fedora
added 2024/03/07 10:33 p.m.22 views

[SECURITY] Fedora 40 Update: maven-artifact-transfer-0.13.1-14.fc40

An API to either install or deploy artifacts with Maven 3...

8.8CVSS6.8AI score0.02557EPSS
Exploits3
Veracode
Veracode
added 2023/08/18 1:53 a.m.19 views

Improper Access Control

maven-artifact-choicelistprovider is vulnerable to Improper Access Control. The vulnerability exists because the library does not set the appropriate context for credentials lookup, which allows an attacker with Item or Configure permission to access and capture credentials they are not entitled ...

6.5CVSS6.7AI score0.00557EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2023/08/16 12:0 a.m.2 views

Jenkins Plugin Maven Artifact ChoiceListProvider 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

6.5CVSS6.5AI score0.00557EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/08/16 12:0 a.m.5 views

PT-2023-5742 · Jenkins · Jenkins Maven Artifact Choicelistprovider (Nexus) Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Maven Artifact ChoiceListProvider Nexus Plugin versions 1.14 and earlier Description: The issue is related to insufficient protection of registration data, allowing attackers with Item/Configure permission to access and capture...

6.8CVSS6.3AI score0.00557EPSS
Exploits0References11
ATTACKERKB
ATTACKERKB
added 2022/07/27 3:15 p.m.2 views

CVE-2022-36905

Jenkins Maven Metadata Plugin for Jenkins CI server Plugin 2.2 and earlier does not perform URL validation for the Repository Base URL of List maven artifact versions parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS5.6AI score0.00533EPSS
Exploits0References3
Prion
Prion
added 2022/07/27 3:15 p.m.14 views

Cross site scripting

Jenkins Maven Metadata Plugin for Jenkins CI server Plugin 2.2 and earlier does not perform URL validation for the Repository Base URL of List maven artifact versions parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

4.9CVSS5.3AI score0.00533EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2022/07/27 12:0 a.m.4 views

PT-2022-4039 · Jenkins · Jenkins Maven Metadata Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Maven Metadata Plugin versions 2.2 and earlier Description: The issue is related to a stored cross-site scripting XSS vulnerability. It occurs due to the lack of URL validation for the Repository Base URL of List maven artifact versio...

8CVSS5.1AI score0.00533EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2022/06/23 5:15 p.m.3 views

CVE-2022-34195

Jenkins Repository Connector Plugin 2.2.0 and earlier does not escape the name and description of Maven Repository Artifact parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...

5.4CVSS6.2AI score0.00753EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/06/22 12:0 a.m.5 views

Jenkins Plugin Repository Connector 跨站脚本漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.A cross-site scripting vulnerability exist...

5.4CVSS5.7AI score0.00753EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2022/05/13 1:30 a.m.4 views

at.chrl:chrl-jms (=1.1.0), at.researchstudio.sat:won-core (>=0.2 <=0.9) +273 more potentially affected by CVE-2015-5254 via org.apache.activemq:activemq-client (>=5.10.0 <=5.11.2)

org.apache.activemq:activemq-client MAVEN version =5.10.0, =0.2, =0.3, =0.2, =0.2, =0.3, =0.3, =0.3, =0.3, =0.3, =0.2, =0.3, =0.3, =0.6 - at.researchstudio.sat:won-owner =0.3 - at.researchstudio.sat:won-owner-webapp =0.3 and more Source cves: CVE-2015-5254 Source advisory: OSV:GHSA-Q9HR-3PG4-3JP4...

9.8CVSS7.1AI score0.38191EPSS
Exploits4
vulnersOsv
vulnersOsv
added 2021/09/08 8:14 p.m.8 views

cc.jweb:jweb-adai (>=1.0.2 <=1.0.6), cc.jweb:jweb-boot (>=1.0.2 <=1.0.5) +49 more potentially affected by CVE-2021-36162 via org.apache.dubbo:dubbo (>=2.7.0 <=2.7.12)

org.apache.dubbo:dubbo MAVEN version =2.7.0, =1.0.2, =1.0.2, =1.2.1, =1.28.0, =0.0.1, =1.5.1, =2.0.1, =0.1.3, =2.4.0, =2.4.0, =2.4.0, =1.0.0, =1.0.0, =1.0, =1.1 and more Source cves: CVE-2021-36162 Source advisory: OSV:GHSA-R577-4HQ7-73QH...

8.8CVSS7.2AI score0.02019EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2020/06/15 8:35 p.m.11 views

app.pickmaven:businessdays (>=1.0.0 <=1.0.1), br.com.martinlabs:martinlabs-commons (=3.4) +834 more potentially affected by CVE-2018-10237 via com.google.guava:guava-jdk5 (>=13.0 <=17.0)

com.google.guava:guava-jdk5 MAVEN version =13.0, =1.0.0, =0.1, =0.1, =4.0.2, =1.0, =1.0, =1.0.16, =1.0.16, =2.4.1 and more Source cves: CVE-2018-10237 Source advisory: OSV:GHSA-MVR2-9PJ6-7W5J...

5.9CVSS6.8AI score0.05119EPSS
Exploits0
OSV
OSV
added 2018/08/01 1:29 p.m.6 views

CVE-2018-1999030

An exposure of sensitive information vulnerability exists in Jenkins Maven Artifact ChoiceListProvider Nexus Plugin 1.3.1 and earlier in ArtifactoryChoiceListProvider.java, NexusChoiceListProvider.java, Nexus3ChoiceListProvider.java that allows attackers to capture credentials with a known...

5.4CVSS5.8AI score0.00681EPSS
Exploits0References1
Rows per page
Query Builder