jenkins gerrit trigger vulnerabilities and exploits

(subscribe to this query)

A cross-site request forgery vulnerability in Jenkins Gerrit Trigger Plugin 2.30.1 and previous versions allows malicious users to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials.

Jenkins Gerrit Trigger

A missing permission check in Jenkins Gerrit Trigger Plugin 2.30.1 and previous versions allows attackers with Overall/Read permission to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials, or determine the existence of a file with a give...

Jenkins Gerrit Trigger

An improper authorization vulnerability exists in Jenkins Gerrit Trigger Plugin 2.27.4 and previous versions in GerritManagement.java, GerritServer.java, and PluginImpl.java that allows an attacker with Overall/Read access to modify the Gerrit configuration in Jenkins.

Jenkins Gerrit Trigger

An improper authorization vulnerability exists in Jenkins Gerrit Trigger Plugin 2.27.4 and previous versions in GerritManagement.java, GerritServer.java, and PluginImpl.java that allows an attacker with Overall/Read access to retrieve some configuration information about Gerrit i...

Jenkins Gerrit Trigger

Jenkins Gerrit Trigger Plugin 2.35.2 and previous versions does not escape the name and description of Base64 Encoded String parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure perm...

Jenkins Gerrit Trigger

A cross-site request forgery (CSRF) vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and previous versions allows malicious users to rebuild previous builds triggered by Gerrit.

Jenkins Gerrit Trigger

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook