Jenkins Neuvector Scanner
By the Year
In 2024 there have been 0 vulnerabilities in Jenkins Neuvector Scanner . Last year Neuvector Scanner had 3 security vulnerabilities published. Right now, Neuvector Scanner is on track to have less security vulnerabilities in 2024 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 3 | 6.13 |
2022 | 1 | 5.30 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 1 | 5.50 |
2018 | 0 | 0.00 |
It may take a day or so for new Neuvector Scanner vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jenkins Neuvector Scanner Security Vulnerabilities
A missing permission check in Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier
CVE-2023-49674
4.3 - Medium
- November 29, 2023
A missing permission check in Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified hostname and port using attacker-specified username and password.
AuthZ
A cross-site request forgery (CSRF) vulnerability in Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier
CVE-2023-49673
8.8 - High
- November 29, 2023
A cross-site request forgery (CSRF) vulnerability in Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier allows attackers to connect to an attacker-specified hostname and port using attacker-specified username and password.
Session Riding
Jenkins NeuVector Vulnerability S
CVE-2023-30517
5.3 - Medium
- April 12, 2023
Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier unconditionally disables SSL/TLS certificate and hostname validation when connecting to a configured NeuVector Vulnerability Scanner server.
Improper Certificate Validation
Jenkins NeuVector Vulnerability S
CVE-2022-43434
5.3 - Medium
- October 19, 2022
Jenkins NeuVector Vulnerability Scanner Plugin 1.20 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download.
Jenkins NeuVector Vulnerability S
CVE-2019-10430
5.5 - Medium
- September 25, 2019
Jenkins NeuVector Vulnerability Scanner Plugin 1.5 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system.
Cleartext Storage of Sensitive Information
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Jenkins Neuvector Scanner or by Jenkins? Click the Watch button to subscribe.