Lucene search
+L

12 matches found

redhatcve
redhatcve
added 2025/05/22 11:18 p.m.5 views

CVE-2022-36892

Jenkins rhnpush-plugin Plugin 0.5.1 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace...

4.3CVSS5.9AI score0.00569EPSS
Exploits0References1
bdu_fstec
bdu_fstec
added 2022/08/10 12:0 a.m.8 views

The vulnerability of the Jenkins rhnpush-plugin, related to deficiencies in the authentication process, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Jenkins rhnpush-plugin is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

4.3CVSS5.5AI score0.00569EPSS
Exploits0References3Affected Software1
osv
osv
added 2022/07/28 12:0 a.m.31 views

GHSA-W8GX-4R6W-3RX9 Jenkins rhnpush-plugin does not perform a permission check in a method implementing form validation

Jenkins rhnpush-plugin Plugin 0.5.1 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace...

4.3CVSS4.7AI score0.00569EPSS
Exploits0References4
github
github
added 2022/07/28 12:0 a.m.25 views

Jenkins rhnpush-plugin does not perform a permission check in a method implementing form validation

Jenkins rhnpush-plugin Plugin 0.5.1 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace...

4.3CVSS4.8AI score0.00569EPSS
Exploits0References5Affected Software1
nvd
nvd
added 2022/07/27 3:15 p.m.30 views

CVE-2022-36892

Jenkins rhnpush-plugin Plugin 0.5.1 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace...

4.3CVSS0.00569EPSS
Exploits0References2
attackerkb
attackerkb
added 2022/07/27 3:15 p.m.5 views

CVE-2022-36892

Jenkins rhnpush-plugin Plugin 0.5.1 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace...

4.3CVSS5.8AI score0.00569EPSS
Exploits0References3
osv
osv
added 2022/07/27 3:15 p.m.7 views

CVE-2022-36892

Jenkins rhnpush-plugin Plugin 0.5.1 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace...

4.3CVSS5.8AI score0.00569EPSS
Exploits0References2
cve
cve
added 2022/07/27 2:23 p.m.85 views

CVE-2022-36892

CVE-2022-36892 affects Jenkins rhnpush-plugin up to version 0.5.1. The issue is missing a permission check in the form validation path, allowing users with Item/Read but without Item/Workspace or Item/Configure to determine if attacker-specified file patterns match workspace contents. The vulnera...

4.3CVSS4.4AI score0.00569EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2022/07/27 2:23 p.m.31 views

CVE-2022-36892

Jenkins rhnpush-plugin Plugin 0.5.1 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace...

5.2AI score0.00569EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2022/07/27 12:0 a.m.3 views

PT-2022-4035 · Jenkins · Jenkins Rhnpush-Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins rhnpush-plugin Plugin versions 0.5.1 and earlier Description: The issue is related to insufficient authorization procedures in the Jenkins rhnpush-plugin. This allows attackers with Item/Read permission but without Item/Workspace or...

4.3CVSS4.2AI score0.00569EPSS
Exploits0References7
cnnvd
cnnvd
added 2022/07/27 12:0 a.m.6 views

Jenkins rhnpush-plugin Plugin 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

4.3CVSS5.2AI score0.00569EPSS
Exploits0References5
rocky
rocky
added 2019/11/05 5:34 p.m.12 views

rhn-tools:1.0 bug fix and enhancement update

An update is available for osad, spacewalk-abrt, rhn-custom-info, rhncfg, spacewalk-koan, spacewalk-oscap, spacewalk-backend, rhn-virtualization, spacewalk-usix, rhnpush, spacewalk-client-cert, cobbler, spacewalk-remote-utils. This update affects Rocky Linux 8. A Common Vulnerability Scoring Syst...

1.5AI score
Exploits0
Rows per page
Query Builder