Skip to main content

Job And Node Ownership

5 CVEs product

Monthly

CVE-2022-28152 Maven MEDIUM This Month

A cross-site request forgery (CSRF) vulnerability in Jenkins Job and Node ownership Plugin 0.13.0 and earlier allows attackers to restore the default ownership of a job. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Jenkins Job And Node Ownership
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2022-28151 Maven MEDIUM This Month

A missing permission check in Jenkins Job and Node ownership Plugin 0.13.0 and earlier allows attackers with Item/Read permission to change the owners and item-specific permissions of a job. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Job And Node Ownership
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2022-28150 Maven HIGH This Week

A cross-site request forgery (CSRF) vulnerability in Jenkins Job and Node ownership Plugin 0.13.0 and earlier allows attackers to change the owners and item-specific permissions of a job. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Jenkins Job And Node Ownership
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2022-28149 Maven MEDIUM This Month

Jenkins Job and Node ownership Plugin 0.13.0 and earlier does not escape the names of the secondary owners, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Jenkins Job And Node Ownership
NVD
CVSS 3.1
5.4
EPSS
0.8%
CVE-2018-1000107 Maven MEDIUM PATCH This Month

An improper authorization vulnerability exists in Jenkins Job and Node Ownership Plugin 0.11.0 and earlier in OwnershipDescription.java, JobOwnerJobProperty.java, and OwnerNodeProperty.java that. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Authentication Bypass Jenkins Job And Node Ownership
NVD
CVSS 3.0
6.5
EPSS
0.7%
EPSS 1% CVSS 4.3
MEDIUM This Month

A cross-site request forgery (CSRF) vulnerability in Jenkins Job and Node ownership Plugin 0.13.0 and earlier allows attackers to restore the default ownership of a job. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Jenkins Job And Node Ownership
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

A missing permission check in Jenkins Job and Node ownership Plugin 0.13.0 and earlier allows attackers with Item/Read permission to change the owners and item-specific permissions of a job. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Job And Node Ownership
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A cross-site request forgery (CSRF) vulnerability in Jenkins Job and Node ownership Plugin 0.13.0 and earlier allows attackers to change the owners and item-specific permissions of a job. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Jenkins Job And Node Ownership
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

Jenkins Job and Node ownership Plugin 0.13.0 and earlier does not escape the names of the secondary owners, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Jenkins Job And Node Ownership
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

An improper authorization vulnerability exists in Jenkins Job and Node Ownership Plugin 0.11.0 and earlier in OwnershipDescription.java, JobOwnerJobProperty.java, and OwnerNodeProperty.java that. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Authentication Bypass Jenkins +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy