Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3
CVE-2023-30519
- EPSS 0.11%
- Published 12.04.2023 18:15:09
- Last modified 07.02.2025 17:15:27
A missing permission check in Jenkins Quay.io trigger Plugin 0.1 and earlier allows unauthenticated attackers to trigger builds of jobs corresponding to the attacker-specified repository.
5.4
CVE-2023-30520
- EPSS 0.96%
- Published 12.04.2023 18:15:09
- Last modified 07.02.2025 18:15:27
Jenkins Quay.io trigger Plugin 0.1 and earlier does not limit URL schemes for repository homepage URLs submitted via Quay.io trigger webhooks, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to submit craf...
1