Filtered by vendor Barchart
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-2295 | 1 Barchart | 1 Maven Cascade Release | 2020-10-09 | 4.3 MEDIUM | 6.5 MEDIUM |
A cross-site request forgery (CSRF) vulnerability in Jenkins Maven Cascade Release Plugin 1.3.2 and earlier allows attackers to start cascade builds and layout builds, and reconfigure the plugin. | |||||
CVE-2020-2294 | 1 Barchart | 1 Maven Cascade Release | 2020-10-09 | 4.0 MEDIUM | 6.5 MEDIUM |
Jenkins Maven Cascade Release Plugin 1.3.2 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to start cascade builds and layout builds, and reconfigure the plugin. |