Количество 2
Количество 2
CVE-2018-1000422
An improper authorization vulnerability exists in Jenkins Crowd 2 Integration Plugin 2.0.0 and earlier in CrowdSecurityRealm.java that allows attackers to have Jenkins perform a connection test, connecting to an attacker-specified server with attacker-specified credentials and connection settings.
GHSA-grmg-5q49-mqmf
Jenkins Crowd 2 Integration Plugin server-side request forgery vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2018-1000422 An improper authorization vulnerability exists in Jenkins Crowd 2 Integration Plugin 2.0.0 and earlier in CrowdSecurityRealm.java that allows attackers to have Jenkins perform a connection test, connecting to an attacker-specified server with attacker-specified credentials and connection settings. | CVSS3: 6.5 | 0% Низкий | около 7 лет назад |
| GHSA-grmg-5q49-mqmf Jenkins Crowd 2 Integration Plugin server-side request forgery vulnerability | CVSS3: 6.5 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу