Max CVSS 7.5 Min CVSS 3.5 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2019-10405 3.5
Jenkins 2.196 and earlier, LTS 2.176.3 and earlier printed the value of the "Cookie" HTTP request header on the /whoAmI/ URL, allowing attackers exploiting another XSS vulnerability to obtain the HTTP session cookie despite it being marked HttpOnly.
02-11-2023 - 21:30 25-09-2019 - 16:15
CVE-2019-10406 3.5
Jenkins 2.196 and earlier, LTS 2.176.3 and earlier did not restrict or filter values set as Jenkins URL in the global configuration, resulting in a stored XSS vulnerability exploitable by attackers with Overall/Administer permission.
02-11-2023 - 21:30 25-09-2019 - 16:15
CVE-2019-10404 3.5
Jenkins 2.196 and earlier, LTS 2.176.3 and earlier did not escape the reason why a queue items is blcoked in tooltips, resulting in a stored XSS vulnerability exploitable by users able to control parts of the reason a queue item is blocked, such as l
02-11-2023 - 21:30 25-09-2019 - 16:15
CVE-2019-10402 3.5
In Jenkins 2.196 and earlier, LTS 2.176.3 and earlier, the f:combobox form control interpreted its item labels as HTML, resulting in a stored XSS vulnerability exploitable by users with permission to define its contents.
02-11-2023 - 21:06 25-09-2019 - 16:15
CVE-2019-10403 3.5
Jenkins 2.196 and earlier, LTS 2.176.3 and earlier did not escape the SCM tag name on the tooltip for SCM tag actions, resulting in a stored XSS vulnerability exploitable by users able to control SCM tag names for these actions.
02-11-2023 - 21:06 25-09-2019 - 16:15
CVE-2019-10401 3.5
In Jenkins 2.196 and earlier, LTS 2.176.3 and earlier, the f:expandableTextBox form control interpreted its content as HTML when expanded, resulting in a stored XSS vulnerability exploitable by users with permission to define its contents (typically
02-11-2023 - 21:06 25-09-2019 - 16:15
CVE-2019-10328 6.5
Jenkins Pipeline Remote Loader Plugin 1.4 and earlier provided a custom whitelist for script security that allowed attackers to invoke arbitrary methods, bypassing typical sandbox protection.
25-10-2023 - 18:16 31-05-2019 - 15:29
CVE-2020-9548 6.8
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core).
13-09-2023 - 14:57 02-03-2020 - 04:15
CVE-2020-9547 6.8
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap).
13-09-2023 - 14:57 02-03-2020 - 04:15
CVE-2019-12086 5.0
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java ja
13-09-2023 - 14:16 17-05-2019 - 17:29
CVE-2019-11840 4.3
An issue was discovered in supplementary Go cryptography libraries, aka golang-googlecode-go-crypto, before 2019-03-20. A flaw was found in the amd64 implementation of golang.org/x/crypto/salsa20 and golang.org/x/crypto/salsa20/salsa. If more than 25
17-06-2023 - 00:15 09-05-2019 - 16:29
CVE-2020-8840 7.5
FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.
08-06-2023 - 17:54 10-02-2020 - 21:56
CVE-2019-10906 5.0
In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape.
01-03-2023 - 14:56 07-04-2019 - 00:29
CVE-2019-12387 4.3
In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF.
28-02-2023 - 20:47 10-06-2019 - 12:29
CVE-2020-8184 5.0
A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie prefix.
16-02-2023 - 19:24 19-06-2020 - 17:15
CVE-2020-14380 6.0
An account takeover flaw was found in Red Hat Satellite 6.7.2 onward. A potential attacker with proper authentication to the relevant external authentication source (SSO or Open ID) can claim the privileges of already existing local users of Satellit
12-02-2023 - 23:40 02-06-2021 - 13:15
CVE-2020-14334 4.6
A flaw was found in Red Hat Satellite 6 which allows privileged attacker to read cache files. These cache credentials could help attacker to gain complete control of the Satellite instance.
12-02-2023 - 23:40 31-07-2020 - 13:15
CVE-2019-14825 4.0
A cleartext password storage issue was discovered in Katello, versions 3.x.x.x before katello 3.12.0.9. Registry credentials used during container image discovery were inadvertently logged without being masked. This flaw could expose the registry cre
12-02-2023 - 23:34 25-11-2019 - 16:15
CVE-2020-5267 3.5
In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the `j` or `escape_javascript` methods may be susceptible to XSS attacks. The issue is fixed in
03-02-2023 - 16:39 19-03-2020 - 18:15
CVE-2020-8161 5.0
A directory traversal vulnerability exists in rack < 2.2.0 that allows an attacker perform directory traversal vulnerability in the Rack::Directory app that is bundled with Rack which could result in information disclosure.
02-02-2023 - 19:20 02-07-2020 - 19:15
CVE-2018-3741 4.3
There is a possible XSS vulnerability in all rails-html-sanitizer gem versions below 1.0.4 for Ruby. The gem allows non-whitelisted attributes to be present in sanitized output when input with specially-crafted HTML fragments, and these attributes ca
30-01-2023 - 16:10 30-03-2018 - 19:29
CVE-2020-7663 5.0
websocket-extensions ruby module prior to 0.1.5 allows Denial of Service (DoS) via Regex Backtracking. The extension parser may take quadratic time when parsing a header containing an unclosed string parameter value whose content is a repeating two-b
20-01-2023 - 18:22 02-06-2020 - 19:15
CVE-2019-3893 4.0
In Foreman it was discovered that the delete compute resource operation, when executed from the Foreman API, leads to the disclosure of the plaintext password or token for the affected compute resource. A malicious user with the "delete_compute_resou
30-11-2022 - 22:00 09-04-2019 - 16:29
CVE-2020-10716 4.0
A flaw was found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not properly restricted to the view. This flaw allows a malicious Satellite user to scan through the Job Invocation, with the ability to search for passwords and
21-10-2022 - 17:58 27-05-2021 - 19:15
CVE-2019-10086 7.5
In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by defa
25-07-2022 - 18:15 20-08-2019 - 21:15
CVE-2020-10693 5.0
A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows attackers to bypass input sanitation (escaping, stripping
10-05-2022 - 15:46 06-05-2020 - 14:15
CVE-2020-7943 5.0
Puppet Server and PuppetDB provide useful performance and debugging information via their metrics API endpoints. For PuppetDB this may contain things like hostnames. Puppet Server reports resource names and titles for defined types (which may contain
24-01-2022 - 16:46 11-03-2020 - 23:15
CVE-2020-7942 4.0
Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate allowed access to everything in the infrastructure. When a node's catalog falls back to the `
30-12-2021 - 13:33 19-02-2020 - 21:15
CVE-2020-10969 6.8
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.
07-12-2021 - 19:43 26-03-2020 - 13:15
CVE-2020-10968 6.8
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).
07-12-2021 - 19:43 26-03-2020 - 13:15
CVE-2020-9546 6.8
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).
02-12-2021 - 21:22 02-03-2020 - 04:15
CVE-2020-14062 6.8
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2).
17-11-2021 - 20:21 14-06-2020 - 20:15
CVE-2020-14195 6.8
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity).
17-11-2021 - 20:20 16-06-2020 - 16:15
CVE-2020-14061 6.8
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, o
17-11-2021 - 16:56 14-06-2020 - 20:15
CVE-2019-16782 4.3
There's a possible information leak / session hijack vulnerability in Rack (RubyGem rack). This vulnerability is patched in versions 1.6.12 and 2.0.8. Attackers may be able to find and hijack sessions by using timing attacks targeting the session id.
02-11-2021 - 18:04 18-12-2019 - 20:15
CVE-2018-1000632 5.0
dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be explo
07-09-2021 - 06:15 20-08-2018 - 19:31
CVE-2020-7238 5.0
Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace (such as a [space]Transfer-Encoding:chunked line) and a later Content-Length header. This issue exists because of an incomplete fix for CVE-2019-16869
27-05-2021 - 16:21 27-01-2020 - 17:15
CVE-2020-11619 6.8
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop).
22-02-2021 - 21:29 07-04-2020 - 23:15
CVE-2019-12086 5.0
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java ja
01-10-2020 - 00:15 17-05-2019 - 17:29
CVE-2019-10198 4.0
An authentication bypass vulnerability was discovered in foreman-tasks before 0.15.7. Previously, commit tasks were searched through find_resource, which performed authorization checks. After the change to Foreman, an unauthenticated user can view th
30-09-2020 - 18:16 31-07-2019 - 22:15
CVE-2019-10198 4.0
An authentication bypass vulnerability was discovered in foreman-tasks before 0.15.7. Previously, commit tasks were searched through find_resource, which performed authorization checks. After the change to Foreman, an unauthenticated user can view th
30-09-2020 - 18:16 31-07-2019 - 22:15
CVE-2020-7238 5.0
Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace (such as a [space]Transfer-Encoding:chunked line) and a later Content-Length header. This issue exists because of an incomplete fix for CVE-2019-16869
25-09-2020 - 20:15 27-01-2020 - 17:15
CVE-2019-12781 5.0
An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1.10, and 2.2 before 2.2.3. An HTTP request is not redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings are used, and the proxy connects to Django vi
24-08-2020 - 17:37 01-07-2019 - 14:15
CVE-2020-5217 5.0
In Secure Headers (RubyGem secure_headers), a directive injection vulnerability is present in versions before 3.8.0, 5.1.0, and 6.2.0. If user-supplied input was passed into append/override_content_security_policy_directives, a semicolon could be inj
21-05-2020 - 13:51 23-01-2020 - 03:15
CVE-2018-11751 4.8
Previous versions of Puppet Agent didn't verify the peer in the SSL connection prior to downloading the CRL. This issue is resolved in Puppet Agent 6.4.0.
07-04-2020 - 13:10 16-12-2019 - 22:15
CVE-2012-6685 5.0
Nokogiri before 1.5.4 is vulnerable to XXE attacks
25-02-2020 - 18:35 19-02-2020 - 15:15
CVE-2020-5216 5.0
In Secure Headers (RubyGem secure_headers), a directive injection vulnerability is present in versions before 3.9.0, 5.2.0, and 6.3.0. If user-supplied input was passed into append/override_content_security_policy_directives, a newline could be injec
18-02-2020 - 14:58 23-01-2020 - 03:15
CVE-2018-8048 4.3
In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment.
22-11-2019 - 09:15 27-03-2018 - 17:29
CVE-2018-16470 5.0
There is a possible DoS vulnerability in the multipart parser in Rack before 2.0.6. Specially crafted requests can cause the multipart parser to enter a pathological state, causing the parser to use CPU resources disproportionate to the request size.
09-10-2019 - 23:36 13-11-2018 - 23:29
CVE-2019-0231 5.0
Handling of the close_notify SSL/TLS message does not lead to a connection closure, leading the server to retain the socket opened and to have the client potentially receive clear text messages afterward. Mitigation: 2.0.20 users should migrate to 2.
08-10-2019 - 17:47 01-10-2019 - 20:15
CVE-2018-3258 6.5
Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple p
03-10-2019 - 00:03 17-10-2018 - 01:31
CVE-2016-10745 5.0
In Pallets Jinja before 2.8.1, str.format allows a sandbox escape.
06-06-2019 - 16:29 08-04-2019 - 13:29
CVE-2018-11627 4.3
Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception.
26-02-2019 - 15:03 31-05-2018 - 19:29
CVE-2016-10516 4.3
Cross-site scripting (XSS) vulnerability in the render_full function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 (as used in Pallets Flask and other products) allows remote attackers to inject arbitrary web script or HTML v
04-02-2018 - 02:29 23-10-2017 - 16:29
CVE-2017-17718 4.3
The Net::LDAP (aka net-ldap) gem before 0.16.0 for Ruby has Missing SSL Certificate Validation.
05-01-2018 - 18:12 17-12-2017 - 21:29
Back to Top Mark selected
Back to Top