CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

RedhatCVE•added 2025/10/30 2:13 p.m.•1 views

CVE-2025-64138

A cross-site request forgery CSRF vulnerability in Jenkins Start Windocks Containers Plugin 1.4 and earlier allows attackers to connect to an attacker-specified URL...

4.3CVSS6.7AI score0.0002EPSS

Exploits0References1

EUVD•added 2025/10/29 3:31 p.m.•2 views

EUVD-2025-36660

Jenkins Start Windocks Containers Plugin vulnerable to cross-site request forgery...

4.3CVSS6.3AI score0.0002EPSS

Exploits0References3

EUVD•added 2025/10/29 3:31 p.m.•3 views

EUVD-2025-36659

Jenkins Start Windocks Containers Plugin is missing a permission check...

4.3CVSS6.2AI score0.00026EPSS

Exploits0References3

Github Security Blog•added 2025/10/29 3:31 p.m.•5 views

Jenkins Start Windocks Containers Plugin vulnerable to cross-site request forgery

Jenkins Start Windocks Containers Plugin 1.4 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to connect to an attacker-specified URL. Additionally, this endpoint does not require POST requests, resulting in a cross-site reque...

4.3CVSS6.7AI score0.0002EPSS

Exploits0References4Affected Software1

NVD•added 2025/10/29 2:15 p.m.•3 views

CVE-2025-64138

A cross-site request forgery CSRF vulnerability in Jenkins Start Windocks Containers Plugin 1.4 and earlier allows attackers to connect to an attacker-specified URL...

4.3CVSS0.0002EPSS

Exploits0References2

OSV•added 2025/10/29 2:15 p.m.•0 views

CVE-2025-64139

A missing permission check in Jenkins Start Windocks Containers Plugin 1.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL...

4.3CVSS5.8AI score0.00026EPSS

Exploits0References2

NVD•added 2025/10/29 2:15 p.m.•2 views

CVE-2025-64139

A missing permission check in Jenkins Start Windocks Containers Plugin 1.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL...

4.3CVSS0.00026EPSS

Exploits0References2

CVE•added 2025/10/29 1:29 p.m.•4 views

CVE-2025-64139

CVE-2025-64139 affects Jenkins Start Windocks Containers Plugin versions 1.4 and earlier. A missing permission check on an HTTP endpoint allows an attacker with Overall/Read permission to connect to an attacker-specified URL. Related advisories corroborate that this wormable-like behavior is via ...

4.3CVSS6.3AI score0.00026EPSS

Exploits0References2Affected Software1

CVE•added 2025/10/29 1:29 p.m.•6 views

CVE-2025-64138

The CVE-2025-64138 entry concerns Jenkins Start Windocks Containers Plugin (versions 1.4 and earlier). The issue is a CSRF vulnerability in an HTTP endpoint that allows attackers with Overall/Read permission to trigger connections to an attacker-specified URL, even without POST requests. Multiple...

4.3CVSS6.4AI score0.0002EPSS

Exploits0References2Affected Software1

Positive Technologies•added 2025/10/29 12:0 a.m.•2 views

PT-2025-44287

Name of the Vulnerable Software and Affected Versions Jenkins Start Windocks Containers Plugin versions 1.4 and earlier Description A cross-site request forgery CSRF issue exists in the Jenkins Start Windocks Containers Plugin. This flaw allows attackers to force connections to a URL chosen by th...

4.3CVSS6.5AI score0.0002EPSS

Exploits0References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by