Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jenkins swarm vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv3
CVE-2019-10309
Jenkins Self-Organizing Swarm Plug-in Modules Plugin clients that use UDP broadcasts to discover Jenkins masters do not prevent XML External Entity processing when processing the responses, allowing unauthorized attackers on the same network to read arbitrary files from Swarm cli...
Jenkins Self-organizing Swarm Modules -
6.5
CVSSv3
CVE-2020-2192
A cross-site request forgery vulnerability in Jenkins Self-Organizing Swarm Plug-in Modules Plugin 3.20 and previous versions allows malicious users to add or remove agent labels.
Jenkins Self-organizing Swarm Modules
5.9
CVSSv3
CVE-2017-1000402
Jenkins Swarm Plugin Client 3.4 and previous versions bundled a version of the commons-httpclient library with the vulnerability CVE-2012-6153 that incorrectly verified SSL certificates, making it susceptible to man-in-the-middle attacks.
Jenkins Swarm
5.4
CVSSv3
CVE-2023-40350
Jenkins Docker Swarm Plugin 1.11 and previous versions does not escape values returned from Docker before inserting them into the Docker Swarm Dashboard view, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control responses from Do...
Jenkins Docker Swarm
4.3
CVSSv3
CVE-2020-2191
Jenkins Self-Organizing Swarm Plug-in Modules Plugin 3.20 and previous versions does not check permissions on API endpoints that allow adding and removing agent labels.
Jenkins Self-organizing Swarm Modules
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started