Lucene search
K

21 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-5840

Malicious code in bioql PyPI...

7.1CVSS6.9AI score0.00877EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-3383

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00753EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/22 3:53 p.m.10 views

CVE-2020-2245

Jenkins Valgrind Plugin 0.28 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

7.1CVSS6.7AI score0.00877EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:20 p.m.12 views

CVE-2020-2246

Jenkins Valgrind Plugin 0.28 and earlier does not escape content in Valgrind XML reports, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control Valgrind XML report contents...

5.4CVSS5.5AI score0.00753EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 4:4 a.m.6 views

SUSE CVE-2020-2245

Jenkins Valgrind Plugin 0.28 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

7.1CVSS7AI score0.00877EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:4 a.m.5 views

SUSE CVE-2020-2246

Jenkins Valgrind Plugin 0.28 and earlier does not escape content in Valgrind XML reports, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control Valgrind XML report contents...

5.4CVSS5AI score0.00753EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/05/24 5:27 p.m.18 views

Stored XSS vulnerability in Jenkins Valgrind Plugin

Jenkins Valgrind Plugin 0.28 and earlier does not escape content in Valgrind XML reports, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control Valgrind XML report contents...

5.4CVSS4.9AI score0.00753EPSS
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/24 5:27 p.m.22 views

XXE vulnerability in Jenkins Valgrind Plugin

Valgrind Plugin 0.28 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows a user able to control the input files for the Valgrind plugin parser to have Jenkins parse a crafted file that uses external entities for extraction of secrets from the...

7.1CVSS6.6AI score0.00877EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2020/09/08 12:0 a.m.6 views

CloudBees Jenkins XXE Vulnerability (CNVD-2020-50958)

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . A XXE vulnerability exists in...

7.1CVSS7AI score0.00877EPSS
Exploits0References1
CNVD
CNVD
added 2020/09/02 12:0 a.m.6 views

CloudBees Jenkins XSS Vulnerability

CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools from CloudBees, Inc. The product is mainly used to monitor the continuous software version of the release/test project and some timed execution of the task . LTS is a long-term support for CloudBeesJenkins version...

5.4CVSS6.6AI score0.00753EPSS
Exploits0References1
NVD
NVD
added 2020/09/01 2:15 p.m.13 views

CVE-2020-2245

Jenkins Valgrind Plugin 0.28 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

7.1CVSS6.9AI score0.00877EPSS
Exploits0References2
NVD
NVD
added 2020/09/01 2:15 p.m.19 views

CVE-2020-2246

Jenkins Valgrind Plugin 0.28 and earlier does not escape content in Valgrind XML reports, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control Valgrind XML report contents...

5.4CVSS5.3AI score0.00753EPSS
Exploits0References2
OSV
OSV
added 2020/09/01 2:15 p.m.13 views

CVE-2020-2245

Jenkins Valgrind Plugin 0.28 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

7.1CVSS6.7AI score
Exploits0References2
Prion
Prion
added 2020/09/01 2:15 p.m.16 views

Xxe

Jenkins Valgrind Plugin 0.28 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

5.5CVSS6.8AI score0.00877EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2020/09/01 2:15 p.m.13 views

Cross site scripting

Jenkins Valgrind Plugin 0.28 and earlier does not escape content in Valgrind XML reports, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control Valgrind XML report contents...

3.5CVSS5.3AI score0.00753EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2020/09/01 1:50 p.m.64 views

CVE-2020-2245

CVE-2020-2245 affects Jenkins Valgrind Plugin 0.28 and earlier. The root cause is an XML parser not configured to disable external entities, enabling XXE attacks. In-the-wild impact described in a GHSA advisory includes the possibility of parsing crafted input to exfiltrate secrets or trigger SSR...

7.1CVSS6.8AI score0.00877EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/09/01 1:50 p.m.16 views

CVE-2020-2246

Jenkins Valgrind Plugin 0.28 and earlier does not escape content in Valgrind XML reports, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control Valgrind XML report contents...

5.3AI score0.00753EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/09/01 1:50 p.m.18 views

CVE-2020-2245

Jenkins Valgrind Plugin 0.28 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

6.9AI score0.00877EPSS
Exploits0References2
CVE
CVE
added 2020/09/01 1:50 p.m.63 views

CVE-2020-2246

CVE-2020-2246 affects Jenkins Valgrind Plugin 0.28 and earlier. The vulnerability arises because the plugin does not escape content in Valgrind XML reports, enabling stored cross-site scripting (XSS) if an attacker can control the Valgrind report contents. Connected sources corroborate the same d...

5.4CVSS5.2AI score0.00753EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2020/09/01 12:0 a.m.8 views

PT-2020-15466 · Jenkins · Jenkins Valgrind Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Valgrind Plugin versions 0.28 and earlier Description: The issue concerns the configuration of the XML parser in the Jenkins Valgrind Plugin, which does not prevent XML external entity XXE attacks. This allows a user who can control t...

7.1CVSS6.8AI score0.00877EPSS
Exploits0References6
Rows per page
Query Builder