Skip to main content
CVE-2018-1999039 MEDIUM PATCH This Month

A server-side request forgery vulnerability exists in Jenkins Confluence Publisher Plugin 2.0.1 and earlier in ConfluenceSite.java that allows attackers to have Jenkins submit login requests to an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Atlassian Jenkins SSRF Confluence Publisher
NVD
CVSS 3.0
4.3
EPSS
0.6%
CVE-2018-1999037 MEDIUM PATCH This Month

A data modification vulnerability exists in Jenkins Resource Disposer Plugin 0.11 and earlier in AsyncResourceDisposer.java that allows attackers to stop tracking a resource. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Jenkins Information Disclosure Resource Disposer
NVD
CVSS 3.0
4.3
EPSS
0.8%
CVE-2018-1999038 MEDIUM PATCH This Month

A confused deputy vulnerability exists in Jenkins Publisher Over CIFS Plugin 0.10 and earlier in CifsPublisherPluginDescriptor.java that allows attackers to have Jenkins connect to an attacker. Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable. No vendor patch available.

Java Jenkins Information Disclosure Publish Over Cifs
NVD
CVSS 3.0
4.2
EPSS
0.5%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy