Skip to main content

Lockable Resources

2 CVEs product

Monthly

CVE-2020-2281 Maven MEDIUM PATCH This Month

A cross-site request forgery (CSRF) vulnerability in Jenkins Lockable Resources Plugin 2.8 and earlier allows attackers to reserve, unreserve, unlock, and reset resources. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Jenkins Lockable Resources
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2019-1003042 Maven MEDIUM PATCH This Month

A cross site scripting vulnerability in Jenkins Lockable Resources Plugin 2.4 and earlier allows attackers able to control resource names to inject arbitrary JavaScript in web pages rendered by the. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Jenkins Lockable Resources
NVD
CVSS 3.0
5.4
EPSS
1.4%
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

A cross-site request forgery (CSRF) vulnerability in Jenkins Lockable Resources Plugin 2.8 and earlier allows attackers to reserve, unreserve, unlock, and reset resources. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Jenkins Lockable Resources
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

A cross site scripting vulnerability in Jenkins Lockable Resources Plugin 2.4 and earlier allows attackers able to control resource names to inject arbitrary JavaScript in web pages rendered by the. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Jenkins Lockable Resources
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy