Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up
Jenkins project

jenkins_gerrit_trigger

4 Versions 4 CVEs

Versions

2.35.2

SEMANTIC 1 CVE

2.30.1

SEMANTIC 2 CVEs

2.38.0

SEMANTIC 1 CVE

unspecified

OTHER 4 CVEs

Recent CVEs

CVE-2023-24423

A cross-site request forgery (CSRF) vulnerability in Jenkins Gerrit Trigger Plugin 2.38.0 and earlier allows attackers to rebuild previous builds triggered by Gerrit.

UNKNOWN Jan 24, 2023

CVE-2022-29039

Jenkins Gerrit Trigger Plugin 2.35.2 and earlier does not escape the name and description of Base64 Encoded String parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

UNKNOWN Apr 12, 2022

CVE-2019-16552

A missing permission check in Jenkins Gerrit Trigger Plugin 2.30.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials, or determine the existence of a file with a given path on the Jenkins master.

UNKNOWN Dec 17, 2019

CVE-2019-16551

A cross-site request forgery vulnerability in Jenkins Gerrit Trigger Plugin 2.30.1 and earlier allows attackers to connect to an attacker-specified HTTP URL or SSH server using attacker-specified credentials.

UNKNOWN Dec 17, 2019