Alauda DevOps Pipeline Plugin

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2019-16574	Jenkins Project Alauda DevOps Pipeline Plugin		0.00	—	0.00		Dec 17, 2019	A missing permission check in Jenkins Alauda DevOps Pipeline Plugin 2.3.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in…
CVE-2019-16573	Jenkins Project Alauda DevOps Pipeline Plugin		0.00	—	0.00		Dec 17, 2019	A cross-site request forgery vulnerability in Jenkins Alauda DevOps Pipeline Plugin 2.3.2 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

CVE-2019-16574Dec 17, 2019
Jenkins Project
Alauda DevOps Pipeline Plugin
risk 0.00cvss —epss 0.00
A missing permission check in Jenkins Alauda DevOps Pipeline Plugin 2.3.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in…
CVE-2019-16573Dec 17, 2019
Jenkins Project
Alauda DevOps Pipeline Plugin
risk 0.00cvss —epss 0.00
A cross-site request forgery vulnerability in Jenkins Alauda DevOps Pipeline Plugin 2.3.2 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.