database Plugin

Source repositories

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2023-37944	Jenkins Project database Plugin	—	0.01	Jul 12, 2023	A missing permission check in Jenkins Datadog Plugin 5.4.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
CVE-2020-2242	Jenkins Project database Plugin	—	0.00	Sep 1, 2020	A missing permission check in Jenkins database Plugin 1.6 and earlier allows attackers with Overall/Read access to Jenkins to connect to an attacker-specified database server using attacker-specified credentials.
CVE-2020-2240	Jenkins Project database Plugin	—	0.00	Sep 1, 2020	A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to execute arbitrary SQL scripts.
CVE-2020-2241	Jenkins Project database Plugin	—	0.00	Sep 1, 2020	A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to connect to an attacker-specified database server using attacker-specified credentials.

CVE-2023-37944Jul 12, 2023
Jenkins Project
database Plugin
risk 0.00cvss —epss 0.01
A missing permission check in Jenkins Datadog Plugin 5.4.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
CVE-2020-2242Sep 1, 2020
Jenkins Project
database Plugin
risk 0.00cvss —epss 0.00
A missing permission check in Jenkins database Plugin 1.6 and earlier allows attackers with Overall/Read access to Jenkins to connect to an attacker-specified database server using attacker-specified credentials.
CVE-2020-2240Sep 1, 2020
Jenkins Project
database Plugin
risk 0.00cvss —epss 0.00
A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to execute arbitrary SQL scripts.
CVE-2020-2241Sep 1, 2020
Jenkins Project
database Plugin
risk 0.00cvss —epss 0.00
A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to connect to an attacker-specified database server using attacker-specified credentials.