Skip to main content
CVE-2015-7537 HIGH PATCH This Week

Cross-site request forgery (CSRF) vulnerability in Jenkins before 1.640 and LTS before 1.625.2 allows remote attackers to hijack the authentication of administrators for requests that have. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

CSRF Jenkins Openshift
NVD
CVSS 3.0
8.8
EPSS
0.4%
CVE-2015-7538 HIGH PATCH This Week

Jenkins before 1.640 and LTS before 1.625.2 allow remote attackers to bypass the CSRF protection mechanism via unspecified vectors. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

CSRF Jenkins Openshift
NVD
CVSS 3.0
8.8
EPSS
0.2%
CVE-2016-1905 HIGH PATCH This Week

The API server in Kubernetes does not properly check admission control, which allows remote authenticated users to access additional resources via a crafted patched object. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Kubernetes Authentication Bypass
NVD GitHub
CVSS 3.0
7.7
EPSS
0.2%
CVE-2015-7539 HIGH PATCH This Week

The Plugins Manager in Jenkins before 1.640 and LTS before 1.625.2 does not verify checksums for plugin files referenced in update site data, which makes it easier for man-in-the-middle attackers to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required.

RCE Jenkins Openshift
NVD
CVSS 3.0
7.5
EPSS
1.0%
CVE-2015-7546 HIGH PATCH This Week

The identity service in OpenStack Identity (Keystone) before 2015.1.3 (Kilo) and 8.0.x before 8.0.2 (Liberty) and keystonemiddleware (formerly python-keystoneclient) before 1.5.4 (Kilo) and Liberty. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. This Insufficiently Protected Credentials vulnerability could allow attackers to obtain user credentials due to weak protection mechanisms.

Python Authentication Bypass Keystonemiddleware Keystone Solaris
NVD
CVSS 3.1
7.5
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy