Количество 2
Количество 2
CVE-2022-25208
почти 4 года назад
A missing permission check in Jenkins Chef Sinatra Plugin 1.20 and earlier allows attackers with Overall/Read permission to have Jenkins send an HTTP request to an attacker-controlled URL and have it parse an XML response.
CVSS3: 8.8
EPSS: Низкий
GHSA-fq56-c7rj-j3j9
почти 4 года назад
Missing permission checks in Jenkins Chef Sinatra Plugin allow XXE
CVSS3: 8.8
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-25208 A missing permission check in Jenkins Chef Sinatra Plugin 1.20 and earlier allows attackers with Overall/Read permission to have Jenkins send an HTTP request to an attacker-controlled URL and have it parse an XML response. | CVSS3: 8.8 | 0% Низкий | почти 4 года назад |
| GHSA-fq56-c7rj-j3j9 Missing permission checks in Jenkins Chef Sinatra Plugin allow XXE | CVSS3: 8.8 | 0% Низкий | почти 4 года назад |
Уязвимостей на страницу
20