CVE-2022-20612

Опубликовано: 12 янв. 2022

Источник: debian

EPSS Низкий

Описание

A cross-site request forgery (CSRF) vulnerability in Jenkins 2.329 and earlier, LTS 2.319.1 and earlier allows attackers to trigger build of job without parameters when no security realm is set.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
jenkins	removed			package

EPSS

Процентиль: 42%

0.002

Низкий

Связанные уязвимости

CVE-2022-20612

CVSS3: 4.3

ubuntu

около 4 лет назад

A cross-site request forgery (CSRF) vulnerability in Jenkins 2.329 and earlier, LTS 2.319.1 and earlier allows attackers to trigger build of job without parameters when no security realm is set.

CVE-2022-20612

CVSS3: 4.3

redhat

около 4 лет назад

A cross-site request forgery (CSRF) vulnerability in Jenkins 2.329 and earlier, LTS 2.319.1 and earlier allows attackers to trigger build of job without parameters when no security realm is set.

CVE-2022-20612

CVSS3: 4.3

nvd

около 4 лет назад

A cross-site request forgery (CSRF) vulnerability in Jenkins 2.329 and earlier, LTS 2.319.1 and earlier allows attackers to trigger build of job without parameters when no security realm is set.

GHSA-p92q-7fhh-mq35

CVSS3: 4.3

github

около 4 лет назад

Cross-Site Request Forgery in Jenkins

EPSS

Процентиль: 42%

0.002

Низкий