24 matches found
aws-sqs-create-queue (=0.1.0), cobalt-aws (>=0.3.0 <=0.7.0) +4 more potentially affected by unknown CVE via aws-sdk-sqs (>=0.11.0 <=0.9.0)
aws-sdk-sqs CARGO version =0.11.0, =0.3.0, =1.3.0, =0.1.0, =0.1.3. Source CVEs: unknown CVE. Source advisory: OSV:GHSA-G59M-GF8J-GJF5...
EUVD-2024-3392
Malicious code in bioql PyPI...
EUVD-2025-9528
Malicious code in bioql PyPI...
Scaling Spin Apps With KEDA
Scale Spin apps on Kubernetes using SpinKube and KEDA for event-driven autoscaling based on Amazon SQS queue metrics...
CVE-2024-54003
Jenkins Simple Queue Plugin 1.4.4 and earlier does not escape the view name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with View/Create permission...
CVE-2025-31723
A cross-site request forgery (CSRF) vulnerability in Jenkins Simple Queue Plugin 1.4.6 and earlier allows attackers to change and reset the build queue order...
Cross-site Request Forgery (CSRF)
Overview: io.jenkins.plugins:simple-queue is a plugin that lets users change the queue order with simple up & down arrow buttons. UI Queue Sorter. Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) via the HTTP endpoints. An attacker can manipulate the build queue order ...
Jenkins Simple Queue Plugin Cross-Site Request Forgery (CSRF)
Jenkins Simple Queue Plugin 1.4.6 and earlier does not require POST requests for multiple HTTP endpoints, resulting in cross-site request forgery (CSRF) vulnerabilities. These vulnerabilities allow attackers to change and reset the build queue order. Simple Queue Plugin 1.4.7 requires POST requests...
CVE-2025-31723
A cross-site request forgery (CSRF) vulnerability in Jenkins Simple Queue Plugin 1.4.6 and earlier allows attackers to change and reset the build queue order...
CVE-2025-31723
The CVE-2025-31723 issue affects Jenkins Simple Queue Plugin 1.4.6 and earlier. A Cross-Site Request Forgery (CSRF) vulnerability lets an attacker change and reset the build queue order via forged HTTP requests. Exploitation is described in SNYK as feasible only when CSRF protection is disabled i...
CVE-2025-31723
A cross-site request forgery (CSRF) vulnerability in Jenkins Simple Queue Plugin 1.4.6 and earlier allows attackers to change and reset the build queue order...
CVE-2025-31723
A cross-site request forgery (CSRF) vulnerability in Jenkins Simple Queue Plugin 1.4.6 and earlier allows attackers to change and reset the build queue order...
PT-2025-14513 · Jenkins · Jenkins Simple Queue Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Simple Queue Plugin versions 1.4.6 and earlier. Description: A cross-site request forgery (CSRF) issue allows attackers to change and reset the build queue order. Recommendations: For Jenkins Simple Queue Plugin versions 1.4.6 and earlie...
Jenkins plugin Simple Queue cross-site request forgery vulnerability
Jenkins and Jenkins plugin are both Jenkins open source products. Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project. Jenkins plugin is an application software plugin. A cross-site reque...
GHSA-4GWV-FPMG-CMV2 Jenkins Simple Queue Plugin has stored cross-site scripting (XSS) vulnerability
Jenkins Simple Queue Plugin 1.4.4 and earlier does not escape the view name. This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with View/Create permission. Simple Queue Plugin 1.4.5 escapes the view name...
Jenkins Simple Queue Plugin has stored cross-site scripting (XSS) vulnerability
Jenkins Simple Queue Plugin 1.4.4 and earlier does not escape the view name. This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with View/Create permission. Simple Queue Plugin 1.4.5 escapes the view name...
CVE-2024-54003
Jenkins Simple Queue Plugin 1.4.4 and earlier does not escape the view name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with View/Create permission...
CVE-2024-54003
CVE-2024-54003: Jenkins Simple Queue Plugin versions 1.4.4 and earlier are affected by a stored XSS due to the view name not being escaped, exploitable by attackers with View/Create permission. Root cause identified as failure to escape the view name. Impact aligns with high-severity in the CVSS...
CVE-2024-54003
Jenkins Simple Queue Plugin 1.4.4 and earlier does not escape the view name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with View/Create permission...
CVE-2024-54003
Jenkins Simple Queue Plugin 1.4.4 and earlier does not escape the view name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with View/Create permission...