Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:25 p.m.11 views

CVE-2026-44301

Hugo is a static site generator. From 0.43 to before 0.161.0, when building a Hugo site that uses Node-based asset pipelines PostCSS, Babel, TailwindCSS, Hugo invoked the configured Node tools without restrictions on file system access. As a result, executing hugo against an untrusted site could...

8.6CVSS5.5AI score0.00274EPSS
Exploits0References1
Snyk
Snyk
added 2026/02/05 6:35 p.m.4 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the HttpUriPlugin component when HTTP redirects are followed without re-validating the allowed URIs. An attacker can cause unauthorized network requests to internal services and inclusion of untruste...

3.7CVSS5.4AI score0.002EPSS
Exploits1References2
CNVD
CNVD
added 2024/05/31 12:0 a.m.5 views

JetBrains TeamCity untrusted build sets up cross-site scripting vulnerability

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. A cross-site scripting vulnerability exists in...

5.4CVSS6.2AI score0.00267EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/04/12 12:0 a.m.4 views

PT-2022-19387 · Jenkins · Jenkins Pipeline: Shared Groovy Libraries Plugin +2

Name of the Vulnerable Software and Affected Versions: Jenkins Pipeline: Shared Groovy Libraries Plugin versions 564.ve62a 4eb b e039 and earlier, except version 2.21.3 Description: The issue allows attackers who can submit pull requests, but not commit directly to the configured SCM, to change t...

7.3CVSS5.3AI score0.01116EPSS
Exploits0References6
Rows per page
Query Builder