Lucene search
K

76 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-0341

Malicious code in bioql PyPI...

5.3CVSS5.5AI score0.005EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-2693

Malicious code in bioql PyPI...

5.3CVSS5.6AI score0.00462EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-2696

Malicious code in bioql PyPI...

5.3CVSS5.5AI score0.00569EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2023-2695

Malicious code in bioql PyPI...

5.3CVSS5.5AI score0.00557EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-39898

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In all versions of GitLab CE/EE since version 10.6, a project export leaks the external webhook token value which may allow access to the project which it was...

5.3CVSS5.6AI score0.01245EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 9:42 a.m.8 views

CVE-2024-23903

Jenkins GitLab Branch Source Plugin 684.veafa7c1e2fe3 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...

5.3CVSS6.4AI score0.005EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:59 a.m.12 views

CVE-2023-46657

Jenkins Gogs Plugin 1.0.15 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...

5.3CVSS6.6AI score0.00569EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 3:59 a.m.10 views

CVE-2023-46656

Jenkins Multibranch Scan Webhook Trigger Plugin 1.0.9 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...

5.3CVSS6.6AI score0.00557EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 12:5 a.m.12 views

CVE-2022-43411

Jenkins GitLab Plugin 1.5.35 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...

5.3CVSS6.4AI score0.00655EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:47 p.m.4 views

CVE-2021-39898

In all versions of GitLab CE/EE since version 10.6, a project export leaks the external webhook token value which may allow access to the project which it was exported from...

5.3CVSS6.6AI score0.01245EPSS
Exploits0References1
OSV
OSV
added 2024/01/24 6:15 p.m.2 views

CVE-2024-23903

Jenkins GitLab Branch Source Plugin 684.veafa7c1e2fe3 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...

5.3CVSS5.8AI score0.005EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/01/24 5:52 p.m.16 views

CVE-2024-23903

Jenkins GitLab Branch Source Plugin 684.veafa7c1e2fe3 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...

6.4AI score0.005EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/01/24 5:52 p.m.32 views

CVE-2024-23903

Jenkins GitLab Branch Source Plugin 684.veafa7c1e2fe3 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...

5.7AI score0.005EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2024/01/24 5:52 p.m.26 views

CVE-2024-23903

Jenkins GitLab Branch Source Plugin 684.veafa7c1e2fe3 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...

5.3CVSS6.9AI score0.005EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/01/24 12:0 a.m.4 views

PT-2024-1426 · Jenkins +1 · Jenkins Gitlab Branch Source Plugin +2

Name of the Vulnerable Software and Affected Versions: Jenkins GitLab Branch Source Plugin versions 684.vea fa 7c1e2fe3 and earlier Description: The issue is related to the use of a non-constant time comparison function when checking whether the provided and expected webhook token are equal. This...

5.3CVSS6.4AI score0.005EPSS
Exploits0References13
CNNVD
CNNVD
added 2024/01/24 12:0 a.m.6 views

Jenkins Plugin GitLab Branch Source Security Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

5.3CVSS6.8AI score0.005EPSS
Exploits0References5
OSV
OSV
added 2023/10/25 6:17 p.m.18 views

CVE-2023-46658

Jenkins MSTeams Webhook Trigger Plugin 0.1.1 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...

5.3CVSS6.9AI score
Exploits0References2
NVD
NVD
added 2023/10/25 6:17 p.m.33 views

CVE-2023-46660

Jenkins Zanata Plugin 0.6 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token hashes are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...

5.3CVSS6AI score0.00462EPSS
Exploits0References2
NVD
NVD
added 2023/10/25 6:17 p.m.36 views

CVE-2023-46657

Jenkins Gogs Plugin 1.0.15 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...

5.3CVSS6AI score0.00569EPSS
Exploits0References2
OSV
OSV
added 2023/10/25 6:17 p.m.4 views

CVE-2023-46660

Jenkins Zanata Plugin 0.6 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token hashes are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token...

5.3CVSS5.8AI score0.00462EPSS
Exploits0References2
Rows per page
Query Builder