21 matches found
EUVD-2022-0889
Malicious code in bioql PyPI...
CVE-2022-25198
A cross-site request forgery CSRF vulnerability in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials...
CVE-2022-25199
A missing permission check in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials...
Jenkins SCP publisher Plugin cross-site request forgery vulnerability
Jenkins is a Jenkins open source application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins SCP publisher Plugin 1.8 and earlier versions are vulnerable to cross-site request forgery, which stems from a WEB...
Jenkins SCP publisher Plugin Access Control Error Vulnerability
Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins SCP publisher Plugin 1.8 and earlier versions have an access control error vulnerability that stems from not...
GHSA-7G7G-82FP-HPXX CSRF vulnerability in Jenkins SCP publisher Plugin
SCP publisher Plugin 1.8 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials. Additionally, this form validation method does...
CSRF vulnerability in Jenkins SCP publisher Plugin
SCP publisher Plugin 1.8 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials. Additionally, this form validation method does...
GHSA-VJ3J-8M6X-MJQ6 Missing permission check in Jenkins SCP publisher Plugin
SCP publisher Plugin 1.8 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials. Additionally, this form validation method does...
Missing permission check in Jenkins SCP publisher Plugin
SCP publisher Plugin 1.8 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials. Additionally, this form validation method does...
CVE-2022-25199
A missing permission check in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials...
CVE-2022-25198
A cross-site request forgery CSRF vulnerability in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials...
CVE-2022-25198
A cross-site request forgery CSRF vulnerability in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials...
CVE-2022-25199
A missing permission check in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials...
CVE-2022-25198
A cross-site request forgery CSRF vulnerability in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials...
CVE-2022-25199
A missing permission check in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials...
Cross site request forgery (csrf)
A cross-site request forgery CSRF vulnerability in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials...
CVE-2022-25199
CVE-2022-25199 : Jenkins SCP Publisher Plugin, versions 1.8 and earlier, lacks a permission check in a form-validation method. This enables attackers with Overall/Read permission to connect to an attacker‑specified SSH server using attacker‑specified credentials, and the flawed flow also enables ...
CVE-2022-25199
A missing permission check in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials...
CVE-2022-25198
The CVE-2022-25198 entry pertains to Jenkins SCP publisher Plugin versions 1.8 and earlier, which expose a cross-site request forgery (CSRF) vulnerability. The flaw allows an attacker, with Overall/Read permission, to cause the Jenkins controller to connect to an attacker‑specified SSH server usi...
Jenkins 插件权限许可和访问控制问题漏洞
Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins SCP publisher Plugin 1.8 and earlier versions have an access control error vulnerability that stems from not...