9 matches found
EUVD-2022-2242
Malicious code in bioql PyPI...
CVE-2019-10308
A missing permission check in Jenkins Static Analysis Utilities Plugin 1.95 and earlier in the DefaultGraphConfigurationView#doSave form handler method allowed attackers with Overall/Read permission to change the per-job default graph configuration for all users...
GHSA-FG6G-52RG-VR9Q Stored XSS vulnerability in Jenkins Static Analysis Utilities Plugin
Jenkins Static Analysis Utilities Plugin 1.96 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission...
Jenkins Static Analysis Utilities Plugin is vulnerable to cross-site request forgery
Jenkins analysis-core Plugin has the capability to allow other plugins to display trend graphs for their static analysis results. analysis-core Plugin provides the configuration form for the default settings of each graph. The configuration form and form submission handler did not perform a...
CVE-2019-10308
A missing permission check in Jenkins Static Analysis Utilities Plugin 1.95 and earlier in the DefaultGraphConfigurationView#doSave form handler method allowed attackers with Overall/Read permission to change the per-job default graph configuration for all users...
CVE-2019-10307
A cross-site request forgery vulnerability in Jenkins Static Analysis Utilities Plugin 1.95 and earlier in the DefaultGraphConfigurationView#doSave form handler method allowed attackers to change the per-job default graph configuration for all users...
CVE-2019-10307
A cross-site request forgery vulnerability in Jenkins Static Analysis Utilities Plugin 1.95 and earlier in the DefaultGraphConfigurationView#doSave form handler method allowed attackers to change the per-job default graph configuration for all users...
CVE-2019-10307
CVE-2019-10307 affects Jenkins Static Analysis Utilities Plugin ≤ 1.95 (and related analysis-core changes). The vulnerability is a CSRF flaw in DefaultGraphConfigurationView#doSave that allows attackers with Job/Read access to change per-job graph defaults for all users. Impact is configuration c...
CVE-2019-10308
CVE-2019-10308 affects Jenkins Static Analysis Utilities Plugin (versions ≤ 1.95). A missing permission check in the DefaultGraphConfigurationView.doSave form handler allowed users with Overall/Read permissions to alter the per-job default graph configuration for all users. Impact: attackers with...