Jenkins Neuvector_vulnerability_scanner

5 CVEs affecting Jenkins Neuvector_vulnerability_scanner. Latest disclosed: 2023-11-29. Critical: 0, High: 1.

Top CVEs affecting Jenkins Neuvector_vulnerability_scanner
CVESeverityScorePublishedSummary
CVE-2023-49673High8.82023-11-29A cross-site request forgery (CSRF) vulnerability in Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier allows attackers to connect to an attacker…
CVE-2019-10430Medium5.52019-09-25Jenkins NeuVector Vulnerability Scanner Plugin 1.5 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they…
CVE-2023-30517Medium5.32023-04-12Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier unconditionally disables SSL/TLS certificate and hostname validation when connecting to a confi…
CVE-2022-43434Medium5.32022-10-19Jenkins NeuVector Vulnerability Scanner Plugin 1.20 and earlier programmatically disables Content-Security-Policy protection for user-generated content in work…
CVE-2023-49674Medium4.32023-11-29A missing permission check in Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier allows attackers with Overall/Read permission to connect to an at…