Vulmon
jenkins chef sinatra vulnerabilities and exploits
6.8
CVSSv2
CVE-2022-25207
A cross-site request forgery (CSRF) vulnerability in Jenkins Chef Sinatra Plugin 1.20 and previous versions allows malicious users to have Jenkins send an HTTP request to an attacker-controlled URL and have it parse an XML response.
Jenkins Chef Sinatra
6.5
CVSSv2
CVE-2022-25208
A missing permission check in Jenkins Chef Sinatra Plugin 1.20 and previous versions allows attackers with Overall/Read permission to have Jenkins send an HTTP request to an attacker-controlled URL and have it parse an XML response.
Jenkins Chef Sinatra
6.5
CVSSv2
CVE-2022-25209
Jenkins Chef Sinatra Plugin 1.20 and previous versions do not configure the plugin's XML parser to prevent XML external entity (XXE) attacks.
Jenkins Chef Sinatra
4.3
CVSSv2
CVE-2019-1003086
A cross-site request forgery vulnerability in Jenkins Chef Sinatra Plugin in the ChefBuilderConfiguration.DescriptorImpl#doTestConnection form validation method allows malicious users to initiate a connection to an attacker-specified server.
Jenkins Chef Sinatra
4
CVSSv2
CVE-2019-1003087
A missing permission check in Jenkins Chef Sinatra Plugin in the ChefBuilderConfiguration.DescriptorImpl#doTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server.
Jenkins Chef Sinatra