CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

RedHat Linux•added 2024/06/05 2:47 p.m.•6 views

jenkins-2-plugins: matrix-project plugin path traversal vulnerability

A flaw was found in The Matrix Project Plugin for Jenkins, which does not sanitize user-defined axis names of multi-configuration projects submitted through the config.xml REST API endpoint. This issue may allow attackers with Item/Configure permission to create or replace any config.xml file on...

4.3CVSS5.8AI score0.00691EPSS

Exploits0References6

RedHat Linux•added 2024/06/05 2:47 p.m.•4 views

jenkins-2-plugins: matrix-project plugin path traversal vulnerability

4.3CVSS5.8AI score0.00691EPSS

Exploits0References6

NVD•added 2024/01/24 6:15 p.m.•22 views

CVE-2024-23900

Jenkins Matrix Project Plugin 822.v01b8c85d16d2 and earlier does not sanitize user-defined axis names of multi-configuration projects, allowing attackers with Item/Configure permission to create or replace any config.xml files on the Jenkins controller file system with content not controllable by...

4.3CVSS4.8AI score0.00691EPSS

Exploits0References2

Prion•added 2024/01/24 6:15 p.m.•23 views

Code injection

4CVSS4.5AI score0.00691EPSS

Exploits0References2Affected Software1

Cvelist•added 2024/01/24 5:52 p.m.•28 views

CVE-2024-23900

5.1AI score0.00691EPSS

Exploits0References2

OSV•added 2022/05/24 5:15 p.m.•20 views

GHSA-324H-2V7H-Q3XX RCE vulnerability in Jenkins Yaml Axis Plugin

Yaml Axis Plugin 0.2.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types. This results in a remote code execution RCE vulnerability exploitable by users able to configure a multi-configuration Matrix job, or control the contents of a previously...

8.8CVSS9AI score0.02867EPSS

Exploits0References5