Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3
CVE-2026-57299
- EPSS 0.17%
- Veröffentlicht 24.06.2026 13:20:15
- Zuletzt bearbeitet 06.07.2026 16:16:35
Missing permission checks in Jenkins Contrast Continuous Application Security Plugin 3.11 and earlier allow attackers with Overall/Read permission to enumerate the names of configured Contrast metadata.
4.3
CVE-2026-57297
- EPSS 0.17%
- Veröffentlicht 24.06.2026 13:20:13
- Zuletzt bearbeitet 06.07.2026 16:16:35
A missing permission check in Jenkins Contrast Continuous Application Security Plugin 3.11 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using an attacker-specified username, API key, and service ke...
5.4
CVE-2022-43420
- EPSS 0.64%
- Veröffentlicht 19.10.2022 16:15:11
- Zuletzt bearbeitet 08.05.2025 19:15:53
Jenkins Contrast Continuous Application Security Plugin 3.9 and earlier does not escape data returned from the Contrast service when generating a report, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to ...
1