Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jenkins maven vulnerabilities and exploits
(subscribe to this query)
570
VMScore
CVE-2021-26291
Apache Maven will follow repositories that are defined in a dependency’s Project Object Model (pom) which may be surprising to some users, resulting in potential risk if a malicious actor takes over that repository or is able to insert themselves into a position to pretend ...
Apache Maven
Quarkus Quarkus
Oracle Financial Services Analytical Applications Infrastructure
Oracle Goldengate Big Data And Application Adapters 23.1
1 Github repository
605
VMScore
CVE-2019-10359
A cross-site request forgery vulnerability in Jenkins Maven Release Plugin 0.14.0 and previous versions in the M2ReleaseAction#doSubmit method allowed malicious users to perform releases with attacker-specified options.
Jenkins M2release
187
VMScore
CVE-2019-10361
Jenkins Maven Release Plugin 0.14.0 and previous versions stored credentials unencrypted on the Jenkins master where they could be viewed by users with access to the master file system.
Jenkins M2release
312
VMScore
CVE-2019-10360
A stored cross site scripting vulnerability in Jenkins Maven Release Plugin 0.14.0 and previous versions allowed malicious users to inject arbitrary HTML and JavaScript in the plugin-provided web pages in Jenkins.
Jenkins M2 Release
312
VMScore
CVE-2022-34195
Jenkins Repository Connector Plugin 2.2.0 and previous versions does not escape the name and description of Maven Repository Artifact parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Confi...
Jenkins Repository Connector
383
VMScore
CVE-2019-10324
A cross-site request forgery vulnerability in Jenkins Artifactory Plugin 3.2.2 and previous versions in ReleaseAction#doSubmit, GradleReleaseApiAction#doStaging, MavenReleaseApiAction#doStaging, and UnifiedPromoteBuildAction#doSubmit allowed malicious users to schedule a release ...
Jfrog Artifactory
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3