Skip to main content

Continuous Integration With Toad Edge

4 CVEs product

Monthly

CVE-2022-28148 Maven MEDIUM PATCH This Month

The file browser in Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier may interpret some paths to files as absolute on Windows, resulting in a path traversal vulnerability allowing. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Jenkins Path Traversal Continuous Integration With Toad Edge
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2022-28147 Maven MEDIUM PATCH This Month

A missing permission check in Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier allows attackers with Overall/Read permission to check for the existence of an attacker-specified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Continuous Integration With Toad Edge
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2022-28146 Maven MEDIUM PATCH This Month

Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier allows attackers with Item/Configure permission to read arbitrary files on the Jenkins controller by specifying an input folder on. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Path Traversal Continuous Integration With Toad Edge
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2022-28145 Maven MEDIUM PATCH This Month

Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier does not apply Content-Security-Policy headers to report files it serves, resulting in a stored cross-site scripting (XSS). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Jenkins Continuous Integration With Toad Edge
NVD
CVSS 3.1
5.4
EPSS
0.8%
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

The file browser in Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier may interpret some paths to files as absolute on Windows, resulting in a path traversal vulnerability allowing. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Jenkins Path Traversal +1
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

A missing permission check in Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier allows attackers with Overall/Read permission to check for the existence of an attacker-specified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Continuous Integration With Toad Edge
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier allows attackers with Item/Configure permission to read arbitrary files on the Jenkins controller by specifying an input folder on. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Path Traversal Continuous Integration With Toad Edge
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Jenkins Continuous Integration with Toad Edge Plugin 2.3 and earlier does not apply Content-Security-Policy headers to report files it serves, resulting in a stored cross-site scripting (XSS). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Jenkins Continuous Integration With Toad Edge
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy