Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-49673 | 1 Jenkins | 4 Google Compute Engine, Jira, Matlab and 1 more | 2024-08-01 | N/A | 8.8 HIGH |
A cross-site request forgery (CSRF) vulnerability in Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier allows attackers to connect to an attacker-specified hostname and port using attacker-specified username and password. | |||||
CVE-2023-49654 | 1 Jenkins | 1 Matlab | 2024-02-05 | N/A | 9.8 CRITICAL |
Missing permission checks in Jenkins MATLAB Plugin 2.11.0 and earlier allow attackers to have Jenkins parse an XML file from the Jenkins controller file system. | |||||
CVE-2023-49655 | 1 Jenkins | 1 Matlab | 2024-02-05 | N/A | 8.8 HIGH |
A cross-site request forgery (CSRF) vulnerability in Jenkins MATLAB Plugin 2.11.0 and earlier allows attackers to have Jenkins parse an XML file from the Jenkins controller file system. | |||||
CVE-2023-49656 | 1 Jenkins | 1 Matlab | 2024-02-05 | N/A | 9.8 CRITICAL |
Jenkins MATLAB Plugin 2.11.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. |