CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

146 matches found

NVD•added 2023/09/06 1:15 p.m.•18 views

CVE-2023-41942

A cross-site request forgery CSRF vulnerability in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers to clear the SQS queue...

4.3CVSS5AI score0.00056EPSS

Exploits0References2

OSV•added 2023/09/06 1:15 p.m.•2 views

CVE-2023-41943

Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to clear the SQS queue...

6.5CVSS5.8AI score0.00078EPSS

Exploits0References2

NVD•added 2023/09/06 1:15 p.m.•14 views

CVE-2023-41943

Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to clear the SQS queue...

6.5CVSS6.6AI score0.00078EPSS

Exploits0References2

OSV•added 2023/09/06 1:15 p.m.•2 views

CVE-2023-41942

A cross-site request forgery CSRF vulnerability in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers to clear the SQS queue...

4.3CVSS5.7AI score0.00056EPSS

Exploits0References2

Prion•added 2023/09/06 1:15 p.m.•26 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers to clear the SQS queue...

4.3CVSS4.6AI score0.00056EPSS

Exploits0References2Affected Software1

AlpineLinux•added 2023/09/06 12:9 p.m.•34 views

CVE-2023-41944

Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not escape the queue name parameter passed to a form validation URL, when rendering an error message, resulting in an HTML injection vulnerability...

6.1CVSS7.2AI score0.002EPSS

Exploits0References2

Cvelist•added 2023/09/06 12:9 p.m.•23 views

CVE-2023-41944

6.8AI score0.002EPSS

Exploits0References2

Vulnrichment•added 2023/09/06 12:9 p.m.•11 views

CVE-2023-41944

6.7AI score0.002EPSS

Exploits0References2

CVE•added 2023/09/06 12:9 p.m.•111 views

CVE-2023-41944

CVE-2023-41944 concerns the Jenkins AWS CodeCommit Trigger Plugin (versions

6.1CVSS6.2AI score0.002EPSS

Exploits0References2Affected Software1

Cvelist•added 2023/09/06 12:9 p.m.•18 views

CVE-2023-41942

A cross-site request forgery CSRF vulnerability in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers to clear the SQS queue...

5.3AI score0.00056EPSS

Exploits0References2

Vulnrichment•added 2023/09/06 12:9 p.m.•12 views

CVE-2023-41942

A cross-site request forgery CSRF vulnerability in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers to clear the SQS queue...

6.7AI score0.00056EPSS

Exploits0References2

AlpineLinux•added 2023/09/06 12:9 p.m.•24 views

CVE-2023-41942

A cross-site request forgery CSRF vulnerability in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers to clear the SQS queue...

4.3CVSS6.9AI score0.00056EPSS

Exploits0References2

Vulnrichment•added 2023/09/06 12:9 p.m.•19 views

CVE-2023-41943

Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to clear the SQS queue...

6.5AI score0.00078EPSS

Exploits0References2

Cvelist•added 2023/09/06 12:8 p.m.•16 views

CVE-2023-41941

A missing permission check in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of AWS credentials stored in Jenkins...

5.2AI score0.00088EPSS

Exploits0References2

CVE•added 2023/09/06 12:8 p.m.•122 views

CVE-2023-41941

The CVE-2023-41941 issue affects Jenkins and specifically the AWS CodeCommit Trigger Plugin 3.0.12 and earlier, where a missing permission check allows attackers with Overall/Read to enumerate AWS credentials IDs stored in Jenkins. The vulnerability arises from inadequate access control in the pl...

4.3CVSS4.4AI score0.00088EPSS

Exploits0References2Affected Software1

AlpineLinux•added 2023/09/06 12:8 p.m.•45 views

CVE-2023-41941

4.3CVSS6.7AI score0.00088EPSS

Exploits0References2

Vulnrichment•added 2023/09/06 12:8 p.m.•16 views

CVE-2023-41941

6.4AI score0.00088EPSS

Exploits0References2

Positive Technologies•added 2023/09/06 12:0 a.m.•5 views

PT-2023-28179 · Jenkins · Jenkins Aws Codecommit Trigger Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins AWS CodeCommit Trigger Plugin versions 3.0.12 and earlier Description: A missing permission check in the plugin allows attackers with Overall/Read permission to enumerate credentials IDs of AWS credentials stored in Jenkins...

4.3CVSS4.4AI score0.00088EPSS

Exploits0References8

Positive Technologies•added 2023/09/06 12:0 a.m.•3 views

PT-2023-28181 · Jenkins · Jenkins Aws Codecommit Trigger Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins AWS CodeCommit Trigger Plugin versions 3.0.12 and earlier Description: The issue arises from a lack of permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to clear the SQS queue. This can be exploited...

6.5CVSS6.2AI score0.00078EPSS

Exploits0References7

RedhatCVE•added 2023/07/04 5:17 a.m.•28 views

CVE-2023-35147

Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not restrict the AWS SQS queue name path parameter in an HTTP endpoint, allowing attackers with Item/Read permission to obtain the contents of arbitrary files on the Jenkins controller file system...

6.5CVSS6.7AI score0.00562EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by