8 matches found
EUVD-2025-6150
Malicious code in bioql PyPI...
CVE-2025-27624
A cross-site request forgery CSRF vulnerability in Jenkins 2.499 and earlier, LTS 2.492.1 and earlier allows attackers to have users toggle their collapsed/expanded status of sidepanel widgets e.g., Build Queue and Build Executor Status widgets...
CVE-2025-27624
A cross-site request forgery CSRF vulnerability in Jenkins 2.499 and earlier, LTS 2.492.1 and earlier allows attackers to have users toggle their collapsed/expanded status of sidepanel widgets e.g., Build Queue and Build Executor Status widgets...
CVE-2025-27624
A cross-site request forgery CSRF vulnerability in Jenkins 2.499 and earlier, LTS 2.492.1 and earlier allows attackers to have users toggle their collapsed/expanded status of sidepanel widgets e.g., Build Queue and Build Executor Status widgets...
CVE-2025-27624
A cross-site request forgery CSRF vulnerability in Jenkins 2.499 and earlier, LTS 2.492.1 and earlier allows attackers to have users toggle their collapsed/expanded status of sidepanel widgets e.g., Build Queue and Build Executor Status widgets...
Jenkins has Information Disclosure via Sidepanel Widget
The sidepanel widgets in the CLI command overview and help pages in Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to obtain sensitive information via a direct request to the pages...
Information Exposure
Overview org.jenkins-ci.main:jenkins-core is an open source automation server. Affected versions of this package are vulnerable to Information Exposure via the sidepanel widgets in the CLI command overview and help pages. An attacker can obtain sensitive information by making a direct request to...
Information disclosure
The sidepanel widgets in the CLI command overview and help pages in Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to obtain sensitive information via a direct request to the pages...