Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jenkins gerrit trigger vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2019-16551
A cross-site request forgery vulnerability in Jenkins Gerrit Trigger Plugin 2.30.1 and previous versions allows malicious users to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials.
Jenkins Gerrit Trigger
5.5
CVSSv2
CVE-2019-16552
A missing permission check in Jenkins Gerrit Trigger Plugin 2.30.1 and previous versions allows attackers with Overall/Read permission to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials, or determine the existence of a file with a give...
Jenkins Gerrit Trigger
5.5
CVSSv2
CVE-2018-1000106
An improper authorization vulnerability exists in Jenkins Gerrit Trigger Plugin 2.27.4 and previous versions in GerritManagement.java, GerritServer.java, and PluginImpl.java that allows an attacker with Overall/Read access to modify the Gerrit configuration in Jenkins.
Jenkins Gerrit Trigger
4
CVSSv2
CVE-2018-1000105
An improper authorization vulnerability exists in Jenkins Gerrit Trigger Plugin 2.27.4 and previous versions in GerritManagement.java, GerritServer.java, and PluginImpl.java that allows an attacker with Overall/Read access to retrieve some configuration information about Gerrit i...
Jenkins Gerrit Trigger
3.5
CVSSv2
CVE-2022-29039
Jenkins Gerrit Trigger Plugin 2.35.2 and previous versions does not escape the name and description of Base64 Encoded String parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure perm...
Jenkins Gerrit Trigger
NA
CVE-2023-24423
A cross-site request forgery (CSRF) vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and previous versions allows malicious users to rebuild previous builds triggered by Gerrit.
Jenkins Gerrit Trigger
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started