Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8
CVE-2023-49654
- EPSS 0.07%
- Published 29.11.2023 14:15:07
- Last modified 21.11.2024 08:33:40
Missing permission checks in Jenkins MATLAB Plugin 2.11.0 and earlier allow attackers to have Jenkins parse an XML file from the Jenkins controller file system.
8.8
CVE-2023-49655
- EPSS 0.07%
- Published 29.11.2023 14:15:07
- Last modified 21.11.2024 08:33:40
A cross-site request forgery (CSRF) vulnerability in Jenkins MATLAB Plugin 2.11.0 and earlier allows attackers to have Jenkins parse an XML file from the Jenkins controller file system.
9.8
CVE-2023-49656
- EPSS 0.04%
- Published 29.11.2023 14:15:07
- Last modified 21.11.2024 08:33:40
Jenkins MATLAB Plugin 2.11.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
8.8
CVE-2023-49673
- EPSS 0.07%
- Published 29.11.2023 14:15:07
- Last modified 21.11.2024 08:33:40
A cross-site request forgery (CSRF) vulnerability in Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier allows attackers to connect to an attacker-specified hostname and port using attacker-specified username and password.
1