Lucene search
+L

36 matches found

prion
prion
added 2021/05/11 3:15 p.m.15 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password...

5.8CVSS6.8AI score0.00522EPSS
Exploits0References1Affected Software1
cve
cve
added 2021/05/11 2:15 p.m.82 views

CVE-2021-21655

CVE-2021-21655 is a CSRF vulnerability in Jenkins P4 Plugin

7.1CVSS6.8AI score0.00522EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2021/05/11 2:15 p.m.27 views

CVE-2021-21655

A cross-site request forgery CSRF vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password...

7.1AI score0.00522EPSS
Exploits0References1
cvelist
cvelist
added 2021/05/11 2:15 p.m.36 views

CVE-2021-21654

Jenkins P4 Plugin 1.11.4 and earlier does not perform permission checks in multiple HTTP endpoints, allowing attackers with Overall/Read permission to connect to an attacker-specified Perforce server using attacker-specified username and password...

5.2AI score0.01301EPSS
Exploits0References1
cve
cve
added 2021/05/11 2:15 p.m.94 views

CVE-2021-21654

CVE-2021-21654 affects Jenkins P4 Plugin (versions 1.11.4 and earlier). The vulnerability arises from missing permission checks in multiple HTTP endpoints, allowing attackers with Overall/Read to connect to an attacker-specified Perforce server using attacker-controlled username and password. Imp...

4.3CVSS4.8AI score0.01301EPSS
Exploits0References1Affected Software1
cnnvd
cnnvd
added 2021/05/11 12:0 a.m.6 views

Jenkins 跨站请求伪造漏洞

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A cross-site request forgery...

7.1CVSS5.7AI score0.00522EPSS
Exploits0References4
nvd
nvd
added 2020/03/09 4:15 p.m.39 views

CVE-2020-2142

A missing permission check in Jenkins P4 Plugin 1.10.10 and earlier allows attackers with Overall/Read permission to trigger builds...

4.3CVSS4.5AI score0.00615EPSS
Exploits0References2
nvd
nvd
added 2020/03/09 4:15 p.m.33 views

CVE-2020-2141

A cross-site request forgery vulnerability in Jenkins P4 Plugin 1.10.10 and earlier allows attackers to trigger builds or add a labels in Perforce...

4.3CVSS4.5AI score0.00636EPSS
Exploits0References2
osv
osv
added 2020/03/09 4:15 p.m.6 views

CVE-2020-2142

A missing permission check in Jenkins P4 Plugin 1.10.10 and earlier allows attackers with Overall/Read permission to trigger builds...

4.3CVSS5.8AI score0.00615EPSS
Exploits0References2
prion
prion
added 2020/03/09 4:15 p.m.14 views

Cross site request forgery (csrf)

A cross-site request forgery vulnerability in Jenkins P4 Plugin 1.10.10 and earlier allows attackers to trigger builds or add a labels in Perforce...

4.3CVSS4.5AI score0.00636EPSS
Exploits0References2Affected Software1
prion
prion
added 2020/03/09 4:15 p.m.13 views

Information disclosure

A missing permission check in Jenkins P4 Plugin 1.10.10 and earlier allows attackers with Overall/Read permission to trigger builds...

4CVSS4.4AI score0.00615EPSS
Exploits0References2Affected Software1
cve
cve
added 2020/03/09 3:0 p.m.80 views

CVE-2020-2142

CVE-2020-2142 relates to the Jenkins P4 Plugin. The issue is a missing permission check in the P4 Plugin versions 1.10.10 and earlier, allowing attackers with Overall/Read permission to trigger builds (and, per some advisories, potentially add labels in Perforce). Affected component: Jenkins P4 P...

4.3CVSS4.4AI score0.00615EPSS
Exploits0References2Affected Software1
cve
cve
added 2020/03/09 3:0 p.m.72 views

CVE-2020-2141

Jenkins P4 Plugin ≤1.10.10 is affected by a cross-site request forgery vulnerability that lets an attacker trigger builds or add labels in Perforce. Root cause: the web app does not adequately validate request origin. Impact: CSRF with I=Low, UI interaction required; no confidentiality or availab...

4.3CVSS4.5AI score0.00636EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2020/03/09 3:0 p.m.36 views

CVE-2020-2141

A cross-site request forgery vulnerability in Jenkins P4 Plugin 1.10.10 and earlier allows attackers to trigger builds or add a labels in Perforce...

4.5AI score0.00636EPSS
Exploits0References2
cvelist
cvelist
added 2020/03/09 3:0 p.m.36 views

CVE-2020-2142

A missing permission check in Jenkins P4 Plugin 1.10.10 and earlier allows attackers with Overall/Read permission to trigger builds...

4.5AI score0.00615EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2020/03/09 12:0 a.m.6 views

PT-2020-15353 · Jenkins · Jenkins P4 Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins P4 Plugin versions 1.10.10 and earlier Description: A missing permission check in the Jenkins P4 Plugin allows attackers with Overall/Read permission to trigger builds or add labels in the Perforce repository. Recommendations: For...

4.3CVSS4.4AI score0.00615EPSS
Exploits0References6
Rows per page
Query Builder