|
248961
|
4.3 |
MEDIUM
Network
|
jenkins
oracle
|
jenkins
communications_cloud_native_core_automated_test_suite
|
A information exposure vulnerability exists in Jenkins 2.120 and older, LTS 2.107.2 and older in AboutJenkins.java, ListPluginsCommand.java that allows users with Overall/Read access to enumerate all…
|
NVD-CWE-noinfo
|
CVE-2018-1000192
|
2024-11-21 12:39 |
2018-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248962
|
6.5 |
MEDIUM
Network
|
jenkins
|
synopsys_detect
|
A exposure of sensitive information vulnerability exists in Jenkins Black Duck Detect Plugin 1.4.0 and older in DetectPostBuildStepDescriptor.java that allows attackers with Overall/Read access to co…
|
CWE-200
Information Exposure
|
CVE-2018-1000191
|
2024-11-21 12:39 |
2018-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248963
|
6.5 |
MEDIUM
Network
|
jenkins
|
black_duck_hub
|
A exposure of sensitive information vulnerability exists in Jenkins Black Duck Hub Plugin 4.0.0 and older in PostBuildScanDescriptor.java that allows attackers with Overall/Read access to connect to …
|
CWE-200
Information Exposure
|
CVE-2018-1000190
|
2024-11-21 12:39 |
2018-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248964
|
8.8 |
HIGH
Network
|
jenkins
|
absint_astree
|
A command execution vulnerability exists in Jenkins Absint Astree Plugin 1.0.5 and older in AstreeBuilder.java that allows attackers with Overall/Read access to execute a command on the Jenkins maste…
|
NVD-CWE-noinfo
|
CVE-2018-1000189
|
2024-11-21 12:39 |
2018-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248965
|
5.4 |
MEDIUM
Network
|
jenkins
|
cas
|
A server-side request forgery vulnerability exists in Jenkins CAS Plugin 1.4.1 and older in CasSecurityRealm.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2018-1000188
|
2024-11-21 12:39 |
2018-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248966
|
6.5 |
MEDIUM
Network
|
jenkins
|
kubernetes
|
A exposure of sensitive information vulnerability exists in Jenkins Kubernetes Plugin 1.7.0 and older in ContainerExecDecorator.java that results in sensitive variables such as passwords being writte…
|
CWE-200
Information Exposure
|
CVE-2018-1000187
|
2024-11-21 12:39 |
2018-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248967
|
6.5 |
MEDIUM
Network
|
jenkins
|
github_pull_request_builder
|
A exposure of sensitive information vulnerability exists in Jenkins GitHub Pull Request Builder Plugin 1.41.0 and older in GhprbGitHubAuth.java that allows attackers with Overall/Read access to conne…
|
CWE-200
Information Exposure
|
CVE-2018-1000186
|
2024-11-21 12:39 |
2018-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248968
|
4.3 |
MEDIUM
Network
|
jenkins
|
github_branch_source
|
A server-side request forgery vulnerability exists in Jenkins GitHub Branch Source Plugin 2.3.4 and older in Endpoint.java that allows attackers with Overall/Read access to cause Jenkins to send a GE…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2018-1000185
|
2024-11-21 12:39 |
2018-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248969
|
5.4 |
MEDIUM
Network
|
jenkins
|
github
|
A server-side request forgery vulnerability exists in Jenkins GitHub Plugin 1.29.0 and older in GitHubPluginConfig.java that allows attackers with Overall/Read access to cause Jenkins to send a GET r…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2018-1000184
|
2024-11-21 12:39 |
2018-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248970
|
6.5 |
MEDIUM
Network
|
jenkins
|
github
|
A exposure of sensitive information vulnerability exists in Jenkins GitHub Plugin 1.29.0 and older in GitHubServerConfig.java that allows attackers with Overall/Read access to connect to an attacker-…
|
CWE-200
Information Exposure
|
CVE-2018-1000183
|
2024-11-21 12:39 |
2018-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
