Vulnerabilities in jumpserver
23 results

CVE-2023-42442 | HIGH | JumpServer session replays download without authentication | EPSS 55.9%
CVE-2024-29201 | CRITICAL | JumpServer's insecure Ansible playbook validation leads to RCE in Celery | EPSS 5.9%
CVE-2024-29202 | CRITICAL | JumpServer vulnerable to Jinja2 template injection in Ansible leads to RCE in Celery | EPSS 5.9%
CVE-2023-42820 | HIGH | Random seed leakage in Jumpserver | EPSS 5.4%
CVE-2023-42819 | HIGH | Path traversal in Jumpserver | EPSS 1.9%
CVE-2023-43651 | HIGH | Remote code execution on the host system via MongoDB shell in jumpserver | EPSS 1.7%
CVE-2024-40629 | CRITICAL | Arbitrary File Write in Ansible Playbooks leads to RCE in Jumpserver | EPSS 1.3%
CVE-2024-24763 | MEDIUM | JumpServer Open Redirect Vulnerability | EPSS 1.1%
CVE-2024-40628 | CRITICAL | Arbitrary File Read in Ansible Playbooks in Jumpserver | EPSS 0.9%
CVE-2023-28110 | MEDIUM | JumpServer Koko vulnerable to Command Injection for Kubernetes Connection | EPSS 0.8%
CVE-2023-46123 | MEDIUM | jumpserver is vulnerable to password brute-force protection bypass via arbitrary IP values | EPSS 0.7%
CVE-2023-43652 | HIGH | Non-MFA account takeover via using only SSH public key to login in jumpserver | EPSS 0.7%
CVE-2023-42818 | MEDIUM | SSH public key login without private key challenge if mfa is enabled in jumpserver | EPSS 0.6%
CVE-2023-43650 | HIGH | Non-MFA account takeover via brute-force attack on weak password reset code in jumpserver | EPSS 0.5%
CVE-2025-62712 | CRITICAL | JumpServer Connection Token Leak Vulnerability | EPSS 0.5%
CVE-2025-58044 | MEDIUM | JumpServer has an Open Redirect Vulnerability | EPSS 0.4%
CVE-2026-31864 | MEDIUM | JumpServer has a Server-Side Template Injection Leading to RCE via YAML Rendering | EPSS 0.3%
CVE-2023-46138 | LOW | JumpServer default admin user email leak password reset | EPSS 0.3%
CVE-2024-29020 | MEDIUM | JumpServer allows an authorized attacker to get sensitive information in playbook files when playbook_id is leaked | EPSS 0.3%
CVE-2025-27095 | MEDIUM | JumpServer has a Kubernetes Token Leak Vulnerability | EPSS 0.3%