Lucene search
Veracode Vulnerability DatabaseVERACODE:39929HistoryMar 24, 2023 - 12:52 a.m.
Information Disclosure
2023-03-2400:52:33
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
16
jenkins-2-plugins
vulnerability
information disclosure
webhook
endpoint
jobs
sensitive information
0.001 Low
EPSS
Percentile
33.5%
jenkins-2-plugins is vulnerable to Information Disclosure. The webhook endpoint provides information about which jobs were triggered or scheduled for polling through its webhook endpoint, including jobs the user has no permission to access, resulting in disclosure of sensitive information.
Related
osv
osv
Webhook endpoint discloses job names to unauthorized users in Jenkins Mercurial Plugin
2022-10-19 19:00:18
CVE-2022-43410
2022-10-19 16:15:10
prion
prion
Design/Logic Flaw
2022-10-19 16:15:00
cve
cve
CVE-2022-43410
2022-10-19 16:15:10
alpinelinux
alpinelinux
CVE-2022-43410
2022-10-19 16:15:10
github
github
redhatcve
redhatcve
CVE-2022-43410
2022-10-20 05:47:14
cbl_mariner
cbl_mariner
CVE-2022-43410 affecting package mercurial 6.0.3-2
2024-07-05 03:08:39
CVE-2022-43410 affecting package mercurial 5.4-2
2024-07-05 03:08:34
cvelist
cvelist
CVE-2022-43410
2022-10-19 00:00:00
nvd
nvd
CVE-2022-43410
2022-10-19 16:15:10
redhat
redhat
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2022-10-19)
2023-03-03 00:00:00