Filtered by vendor Jenkins
Subscriptions
Filtered by product Gerrit Trigger
Subscriptions
Total
6 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-24423 | 1 Jenkins | 1 Gerrit Trigger | 2024-11-21 | 6.5 Medium |
A cross-site request forgery (CSRF) vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit. | ||||
CVE-2022-29039 | 1 Jenkins | 1 Gerrit Trigger | 2024-11-21 | 5.4 Medium |
Jenkins Gerrit Trigger Plugin 2.35.2 and earlier does not escape the name and description of Base64 Encoded String parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | ||||
CVE-2019-16552 | 1 Jenkins | 1 Gerrit Trigger | 2024-11-21 | 5.4 Medium |
A missing permission check in Jenkins Gerrit Trigger Plugin 2.30.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials, or determine the existence of a file with a given path on the Jenkins master. | ||||
CVE-2019-16551 | 1 Jenkins | 1 Gerrit Trigger | 2024-11-21 | 8.8 High |
A cross-site request forgery vulnerability in Jenkins Gerrit Trigger Plugin 2.30.1 and earlier allows attackers to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials. | ||||
CVE-2018-1000106 | 1 Jenkins | 1 Gerrit Trigger | 2024-11-21 | N/A |
An improper authorization vulnerability exists in Jenkins Gerrit Trigger Plugin 2.27.4 and earlier in GerritManagement.java, GerritServer.java, and PluginImpl.java that allows an attacker with Overall/Read access to modify the Gerrit configuration in Jenkins. | ||||
CVE-2018-1000105 | 1 Jenkins | 1 Gerrit Trigger | 2024-11-21 | N/A |
An improper authorization vulnerability exists in Jenkins Gerrit Trigger Plugin 2.27.4 and earlier in GerritManagement.java, GerritServer.java, and PluginImpl.java that allows an attacker with Overall/Read access to retrieve some configuration information about Gerrit in Jenkins. |
Page 1 of 1.