11 matches found
EUVD-2022-2702
Malicious code in bioql PyPI...
CVE-2018-1999037
A data modification vulnerability exists in Jenkins Resource Disposer Plugin 0.11 and earlier in AsyncResourceDisposer.java that allows attackers to stop tracking a resource...
org.jenkins-ci.plugins.nodesharing:foreman-node-sharing (>=1.2.8 <=1.2.9), org.jenkins-ci.plugins:foreman-node-sharing (>=1.2.0 <=1.2.3) potentially affected by CVE-2018-1999037 via org.jenkins-ci.plugins:resource-disposer (=0.1)
org.jenkins-ci.plugins:resource-disposer MAVEN version =0.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:resource-disposer and may be impacted: - org.jenkins-ci.plugins.nodesharing:foreman-node-sharing =1.2.8, =1.2.0, =1.2.3...
GHSA-63JG-5WV6-7GHV Jenkins Resource Disposer Plugin allows attacker to stop tracking specified resource
A data modification vulnerability exists in Jenkins Resource Disposer Plugin 0.11 and earlier in AsyncResourceDisposer.java that allows attackers to stop tracking a specified resource. Additionally, this API endpoint did not require POST requests, resulting in a CSRF vulnerability. As of version...
Jenkins Resource Disposer Plugin allows attacker to stop tracking specified resource
A data modification vulnerability exists in Jenkins Resource Disposer Plugin 0.11 and earlier in AsyncResourceDisposer.java that allows attackers to stop tracking a specified resource. Additionally, this API endpoint did not require POST requests, resulting in a CSRF vulnerability. As of version...
CloudBees Jenkins Resource Disposer Plugin Cross-Site Request Forgery Vulnerability
CloudBees Jenkins is the United States CloudBees company's set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . Resource Disposer Plugin is used in...
Design/Logic Flaw
A data modification vulnerability exists in Jenkins Resource Disposer Plugin 0.11 and earlier in AsyncResourceDisposer.java that allows attackers to stop tracking a resource...
CVE-2018-1999037
A data modification vulnerability exists in Jenkins Resource Disposer Plugin 0.11 and earlier in AsyncResourceDisposer.java that allows attackers to stop tracking a resource...
CVE-2018-1999037
A data modification vulnerability exists in Jenkins Resource Disposer Plugin 0.11 and earlier in AsyncResourceDisposer.java that allows attackers to stop tracking a resource...
CVE-2018-1999037
CVE-2018-1999037 affects Jenkins Resource Disposer Plugin up to version 0.11. The vulnerability is in AsyncResourceDisposer.java and allows an attacker to stop tracking a resource (data modification). Related advisories confirm an additional CSRF weakness in the API endpoint prior to version 0.12...
CVE-2018-1999037
A data modification vulnerability exists in Jenkins Resource Disposer Plugin 0.11 and earlier in AsyncResourceDisposer.java that allows attackers to stop tracking a resource...