Lucene search
K

44 matches found

OSV
OSV
added 2026/06/23 5:6 p.m.21 views

ROOT-APP-MAVEN-CVE-2026-39304 CVE-2026-39304 in io.root.org.apache.activemq:activemq-client - Patched by Root

Root has patched CVE-2026-39304 in the io.root.org.apache.activemq:activemq-client package for Root:Maven. Multiple fixed versions available...

7.5CVSS5.8AI score0.00896EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/29 3:30 p.m.8 views

com.barchart.jenkins:maven-release-cascade (>=1.1.0 <=1.3.2), com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger (>=2.8.0 <=2.10.1) potentially affected by CVE-2026-42523 via org.jenkins-ci.plugins:git (>=1.2.0 <=1.3.0)

org.jenkins-ci.plugins:git MAVEN version =1.2.0, =1.1.0, =2.8.0, =2.10.1 Source cves: CVE-2026-42523 Source advisory: OSV:GHSA-W22P-4X9F-486V...

9CVSS6AI score0.00281EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/07 9:32 a.m.9 views

CVE-2019-16550

A cross-site request forgery vulnerability in a connection test form method in Jenkins Maven Release Plugin 0.16.1 and earlier allows attackers to have Jenkins connect to an attacker specified web server and parse XML documents...

8.8CVSS6.7AI score0.0064EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:32 a.m.9 views

CVE-2019-16549

Jenkins Maven Release Plugin 0.16.1 and earlier does not configure the XML parser to prevent XML external entity XXE attacks, allowing man-in-the-middle attackers to have Jenkins parse crafted XML documents...

8.1CVSS6.7AI score0.00969EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-3866

Malicious code in bioql PyPI...

8.8CVSS8.5AI score0.0064EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-2966

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00688EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-3031

Malicious code in bioql PyPI...

8.1CVSS8AI score0.00969EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.23 views

EUVD-2022-5446

Malicious code in bioql PyPI...

5.5CVSS5.6AI score0.00471EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-5090

Malicious code in bioql PyPI...

6.8CVSS6.6AI score0.00607EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/22 7:46 a.m.11 views

CVE-2019-10359

A cross-site request forgery vulnerability in Jenkins Maven Release Plugin 0.14.0 and earlier in the M2ReleaseActiondoSubmit method allowed attackers to perform releases with attacker-specified options...

6.8CVSS6.7AI score0.00607EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:51 a.m.12 views

CVE-2019-10361

Jenkins Maven Release Plugin 0.14.0 and earlier stored credentials unencrypted on the Jenkins master where they could be viewed by users with access to the master file system...

5.5CVSS6.5AI score0.00471EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:14 a.m.8 views

CVE-2019-10360

A stored cross site scripting vulnerability in Jenkins Maven Release Plugin 0.14.0 and earlier allowed attackers to inject arbitrary HTML and JavaScript in the plugin-provided web pages in Jenkins...

5.4CVSS5.7AI score0.00688EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2022/07/28 12:0 a.m.4 views

br.com.ingenieux.jenkins.plugins:codecommit-url-helper (=0.0.1), com.amcbridge:build-configurator (>=1.0.5.0 <=1.0.6.1) +92 more potentially affected by CVE-2022-36882 via org.jenkins-ci.plugins:git (>=1.2.0 <=4.0.0-rc)

org.jenkins-ci.plugins:git MAVEN version =1.2.0, =1.0.5.0, =1.1.0, =1.9.2-beta, =1.9, =4.0.9, =1.1.0, =1.0.0, =1.0.1, =1.1.3, =1.7.2, =1.1.0, =1.0.0, =1.0.22, =1.0.57 and more Source cves: CVE-2022-36882 Source advisory: OSV:GHSA-8XWJ-2WGH-GPRH...

8.8CVSS7.2AI score0.00583EPSS
Exploits0
OSV
OSV
added 2022/05/24 5:3 p.m.17 views

GHSA-7MF5-79GV-66GH Jenkins Maven Release Plug-in Plugin XXE vulnerability

Jenkins Maven Release Plug-in Plugin retrieves XML from Nexus repository manager APIs. Maven Release Plug-in Plugin 0.16.1 and earlier does not configure the XML parser to prevent XML external entity XXE attacks. While Jenkins users without Overall/Administer permission are not allowed to configu...

7.1CVSS8.2AI score0.00969EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/05/24 5:3 p.m.18 views

Cross-site request forgery (CSRF) vulnerability in Jenkins Maven Release Plugin

A cross-site request forgery vulnerability in a connection test form method in Jenkins Maven Release Plugin 0.16.1 and earlier allows attackers to have Jenkins connect to an attacker specified web server and parse XML documents...

8.8CVSS6.9AI score0.0064EPSS
Exploits0References5Affected Software1
vulnersOsv
vulnersOsv
added 2022/05/24 4:47 p.m.5 views

br.com.ingenieux.jenkins.plugins:awseb-deployment-plugin (>=0.3.5 <=0.3.15), com.barchart.jenkins:maven-release-cascade (>=1.0.0 <=1.3.2) +109 more potentially affected by CVE-2019-10337 via org.jenkins-ci.plugins:token-macro (>=1.0 <=2.7)

org.jenkins-ci.plugins:token-macro MAVEN version =1.0, =0.3.5, =1.0.0, =1.14.1, =4.1.1, =1.7.2, =1.1.2, =0.18, =0.1, =2.5.8, =3.0, =1.0-alpha-1, =1.2.0-beta-1 and more Source cves: CVE-2019-10337 Source advisory: OSV:GHSA-G6H2-4X64-C59X...

7.5CVSS6.9AI score0.01999EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/05/14 1:52 a.m.7 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +771 more potentially affected by CVE-2013-2033 via org.jenkins-ci.main:jenkins-core (>=1.396 <=1.509)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.9, =1.0, =1.0.0, =1.0, =1.0-beta-1, =2.1, =1.0, =1.0, =1.0, =1.0, =1.2 - com.cloudbees.jenkins.plugins:cloudbees-credentials =3.3 and more Source cves: CVE-2013-2033 Source advisory: OSV:GHSA-826F-32QM-VM3J...

2.1CVSS5.8AI score0.01875EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/05/13 1:30 a.m.12 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1304 more potentially affected by CVE-2015-5317 via org.jenkins-ci.main:jenkins-core (>=1.396 <=1.625.1)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =0.0.1, =0.9, =1.3, =1.0, =1.0, =2.2.1, =1.0.3, =1.0.0, =1.0, =1.0.0, =1.2.0 and more Source cves: CVE-2015-5317 Source advisory: OSV:GHSA-8PQX-3RXX-F5PM...

7.5CVSS7.2AI score0.22429EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/05/13 1:15 a.m.5 views

br.com.ingenieux.jenkins.plugins:awseb-deployment-plugin (>=0.3.5 <=0.3.15), com.barchart.jenkins:maven-release-cascade (>=1.0.0 <=1.3.2) +109 more potentially affected by CVE-2019-1003011 via org.jenkins-ci.plugins:token-macro (>=1.0 <=2.5)

org.jenkins-ci.plugins:token-macro MAVEN version =1.0, =0.3.5, =1.0.0, =1.14.1, =4.1.1, =1.7.2, =1.1.2, =0.18, =0.1, =2.5.8, =3.0, =1.0-alpha-1, =1.2.0-beta-1 and more Source cves: CVE-2019-1003011 Source advisory: OSV:GHSA-23H9-M55M-C5JP...

8.1CVSS6.7AI score0.02039EPSS
Exploits0
CNVD
CNVD
added 2019/12/18 12:0 a.m.5 views

CloudBees Jenkins Maven Release Plugin Code Issue Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Maven Release Plugin is used in one of the...

8.1CVSS7AI score0.00969EPSS
Exploits0References1
Rows per page
Query Builder