Количество 2
Количество 2
CVE-2022-27211
A missing permission check in Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
GHSA-794j-hx96-4w3m
CSRF vulnerability and missing permission checks in Jenkins kubernetes-cd Plugin allow capturing credentials
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-27211 A missing permission check in Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | CVSS3: 6.5 | 0% Низкий | почти 4 года назад |
| GHSA-794j-hx96-4w3m CSRF vulnerability and missing permission checks in Jenkins kubernetes-cd Plugin allow capturing credentials | CVSS3: 7.1 | 0% Низкий | почти 4 года назад |
Уязвимостей на страницу