Filtered by vendor Jenkins-ci
Subscribe
Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-6372 | 1 Jenkins-ci | 1 Subversion-plugin | 2023-02-12 | 2.1 LOW | N/A |
The Subversion plugin before 1.54 for Jenkins stores credentials using base64 encoding, which allows local users to obtain passwords and SSH private keys by reading a subversion.credentials file. | |||||
CVE-2014-3678 | 1 Jenkins-ci | 1 Monitoring Plugin | 2023-02-12 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the Monitoring plugin before 1.53.0 for Jenkins allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2014-3679 | 1 Jenkins-ci | 1 Monitoring Plugin | 2016-07-15 | 5.0 MEDIUM | N/A |
The Monitoring plugin before 1.53.0 for Jenkins allows remote attackers to obtain sensitive information by accessing unspecified pages. | |||||
CVE-2013-6374 | 1 Jenkins-ci | 1 Build Failure Analyzer | 2016-07-15 | 3.5 LOW | N/A |
Cross-site scripting (XSS) vulnerability in the Build Failure Analyzer plugin before 1.5.1 for Jenkins allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2013-6373 | 1 Jenkins-ci | 1 Exclusion | 2016-07-15 | 5.5 MEDIUM | N/A |
The Exclusion plugin before 0.9 for Jenkins does not properly prevent access to resource locks, which allows remote authenticated users to list and release resources via unspecified vectors. |