Lucene search
Veracode Vulnerability DatabaseVERACODE:45839HistoryMar 12, 2024 - 6:32 a.m.
Cross Site Request Forgery (CSRF)
2024-03-1206:32:11
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
cross site request forgery
jenkins
docker
validation
user inputs
tcp
unix socket url
reconfigure
plugin
build step
executions
vulnerability
org.jenkins-ci.plugins: docker-build-step is vulnerable to Cross Site Request Forgery (CSRF). The vulnerability is due to inadequate validation of user inputs, allowing attackers to connect to an attacker-specified TCP or Unix socket URL and reconfigure the plugin using provided connection test parameters, impacting future build step executions.
Related
nvd
nvd
CVE-2024-2215
2024-03-06 17:15:11
cve
cve
CVE-2024-2215
2024-03-06 17:15:11
github
github
Jenkins docker-build-step Plugin Cross-Site Request Forgery vulnerability
2024-03-06 18:30:39
cvelist
cvelist
CVE-2024-2215
2024-03-06 17:01:52
osv
osv
Jenkins docker-build-step Plugin Cross-Site Request Forgery vulnerability
2024-03-06 18:30:39
vulnrichment
vulnrichment
CVE-2024-2215
2024-03-06 17:01:52
prion
prion
Cross site request forgery (csrf)
2024-03-06 17:15:00
nessus
nessus
Jenkins plugins Multiple Vulnerabilities (2024-03-06)
2024-03-07 00:00:00