MAL-2025-145473 Malicious code in nightwatch-mongodb-subscription-css-minimizer-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af5b2015321ec71099b04e8f074d8bc7d0d19b06c3f2ed847d2983a3b28fa945 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2022-3471

Malicious code in bioql PyPI...

CVE-2020-2267

A missing permission check in Jenkins MongoDB Plugin 1.3 and earlier allows attackers with Overall/Read permission to gain access to some metadata of any arbitrary files on the Jenkins controller...

GHSA-C26H-8H4P-4JGJ Missing permission checks in MongoDB Plugin

A missing permission check in Jenkins MongoDB Plugin 1.3 and earlier allows attackers with Overall/Read permission to gain access to some metadata of any arbitrary files on the Jenkins controller...

CloudBees Jenkins MongoDB Cross-Site Request Forgery Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A cross-site request forgery...

CloudBees Jenkins MongoDB Privilege Control Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A security vulnerability exis...

CVE-2020-2268

A cross-site request forgery CSRF vulnerability in Jenkins MongoDB Plugin 1.3 and earlier allows attackers to gain access to some metadata of any arbitrary files on the Jenkins controller...

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins MongoDB Plugin 1.3 and earlier allows attackers to gain access to some metadata of any arbitrary files on the Jenkins controller...

CVE-2020-2267

CVE-2020-2267 affects Jenkins MongoDB Plugin versions 1.3 and earlier, where a missing permission check allows users with Overall/Read to access metadata of arbitrary files on the Jenkins controller. The issue is described across multiple sources (Red Hat, NVD, CNVD, GHSA, OSV, etc.) with the cor...

CVE-2020-2268

CVE-2020-2268 applies to Jenkins MongoDB Plugin 1.3 and earlier. The CSRF vulnerability arises because methods implementing form validation do not perform permission checks, allowing attackers with Overall/Read permission to access metadata of arbitrary files on the Jenkins controller. The form v...

CVE-2020-2268

A cross-site request forgery CSRF vulnerability in Jenkins MongoDB Plugin 1.3 and earlier allows attackers to gain access to some metadata of any arbitrary files on the Jenkins controller...

PT-2020-15493 · Jenkins · Jenkins Mongodb Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins MongoDB Plugin versions 1.3 and earlier Description: A cross-site request forgery CSRF vulnerability allows attackers to gain access to some metadata of any arbitrary files on the Jenkins controller. This issue arises because the plug...

PT-2020-15492 · Jenkins · Jenkins Mongodb Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins MongoDB Plugin versions 1.3 and earlier Description: A missing permission check in the plugin allows attackers with Overall/Read permission to gain access to some metadata of any arbitrary files on the Jenkins controller...