Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-0889

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00527EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 12:5 a.m.5 views

CVE-2022-25198

A cross-site request forgery CSRF vulnerability in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials...

8.8CVSS6.7AI score0.00527EPSS
Exploits0References1
OSV
OSV
added 2022/02/16 12:1 a.m.20 views

GHSA-7G7G-82FP-HPXX CSRF vulnerability in Jenkins SCP publisher Plugin

SCP publisher Plugin 1.8 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials. Additionally, this form validation method does...

8.8CVSS8.6AI score0.00527EPSS
Exploits0References3
OSV
OSV
added 2022/02/15 5:15 p.m.5 views

CVE-2022-25199

A missing permission check in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials...

8.8CVSS5.8AI score0.00787EPSS
Exploits0References1
NVD
NVD
added 2022/02/15 5:15 p.m.28 views

CVE-2022-25198

A cross-site request forgery CSRF vulnerability in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials...

8.8CVSS0.00527EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/02/15 5:15 p.m.5 views

CVE-2022-25198

A cross-site request forgery CSRF vulnerability in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials...

8.8CVSS7.2AI score0.00527EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/02/15 5:15 p.m.8 views

CVE-2022-25199

A missing permission check in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials...

8.8CVSS7.3AI score0.00787EPSS
Exploits0References2
Prion
Prion
added 2022/02/15 5:15 p.m.17 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials...

6.8CVSS8.6AI score0.00527EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/02/15 4:11 p.m.117 views

CVE-2022-25199

CVE-2022-25199 : Jenkins SCP Publisher Plugin, versions 1.8 and earlier, lacks a permission check in a form-validation method. This enables attackers with Overall/Read permission to connect to an attacker‑specified SSH server using attacker‑specified credentials, and the flawed flow also enables ...

8.8CVSS8.4AI score0.00787EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/02/15 4:11 p.m.161 views

CVE-2022-25198

The CVE-2022-25198 entry pertains to Jenkins SCP publisher Plugin versions 1.8 and earlier, which expose a cross-site request forgery (CSRF) vulnerability. The flaw allows an attacker, with Overall/Read permission, to cause the Jenkins controller to connect to an attacker‑specified SSH server usi...

8.8CVSS8.6AI score0.00527EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/02/15 12:0 a.m.3 views

Jenkins 插件权限许可和访问控制问题漏洞

Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins SCP publisher Plugin 1.8 and earlier versions have an access control error vulnerability that stems from not...

8.8CVSS5.7AI score0.00787EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/02/15 12:0 a.m.3 views

PT-2022-17138 · Jenkins · Jenkins Ftp Publisher Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins SCP publisher Plugin versions 1.8 and earlier Description: A missing permission check in the plugin allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials. The...

8.8CVSS8.5AI score0.00787EPSS
Exploits0References4
Rows per page
Query Builder