Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jenkins vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2019-16573
A cross-site request forgery vulnerability in Jenkins Alauda DevOps Pipeline Plugin 2.3.2 and previous versions allows malicious users to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in...
Jenkins Alauda Devops Pipeline
6.8
CVSSv2
CVE-2019-16551
A cross-site request forgery vulnerability in Jenkins Gerrit Trigger Plugin 2.30.1 and previous versions allows malicious users to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials.
Jenkins Gerrit Trigger
6.8
CVSSv2
CVE-2019-16575
A cross-site request forgery vulnerability in Jenkins Alauda Kubernetes Suport Plugin 2.3.0 and previous versions allows malicious users to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing the Kubernetes serv...
Jenkins Alauda Kubernetes Support
6.8
CVSSv2
CVE-2019-16548
A cross-site request forgery vulnerability in Jenkins Google Compute Engine Plugin 4.1.1 and previous versions in ComputeEngineCloud#doProvision could be used to provision new agents.
Jenkins Google Compute Engine
6.8
CVSSv2
CVE-2019-10464
A cross-site request forgery vulnerability in Jenkins Deploy WebLogic Plugin allows malicious users to connect to an attacker-specified URL using attacker-specified credentials, or determine whether a file or directory with an attacker-specified path exists on the Jenkins master ...
Jenkins Deploy Weblogic
6.8
CVSSv2
CVE-2019-10468
A cross-site request forgery vulnerability in Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin allows malicious users to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
Jenkins Kubernetes Ci
6.8
CVSSv2
CVE-2019-10471
A cross-site request forgery vulnerability in Jenkins Libvirt Slaves Plugin allows malicious users to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
Jenkins Libvirt Slaves
6.8
CVSSv2
CVE-2019-10462
A cross-site request forgery vulnerability in Jenkins Dynatrace Application Monitoring Plugin 2.1.3 and previous versions allowed malicious users to connect to an attacker-specified URL using attacker-specified credentials.
Jenkins Dynatrace Application Monitoring
6.8
CVSSv2
CVE-2019-10437
A cross-site request forgery vulnerability in Jenkins CRX Content Package Deployer Plugin 1.8.1 and previous versions allowed malicious users to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials st...
Jenkins Crx Content Package Deployer
6.8
CVSSv2
CVE-2019-10384
Jenkins 2.191 and previous versions, LTS 2.176.2 and previous versions allowed users to obtain CSRF tokens without an associated web session ID, resulting in CSRF tokens that did not expire and could be used to bypass CSRF protection for the anonymous user.
Jenkins Jenkins
Oracle Communications Cloud Native Core Automated Test Suite 1.9.0
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »