23 matches found
USN-7822-1: .NET vulnerabilities
It was discovered that .NET did not properly handle the creation of temporary build time directories. An attacker could possibly use this issue to cause a denial of service. CVE-2025-55247 It was discovered that .NET did not properly establish TLS sessions for SMTP server connections. An attacker...
USN-7822-1 dotnet8, dotnet9, dotnet10 vulnerabilities
It was discovered that .NET did not properly handle the creation of temporary build time directories. An attacker could possibly use this issue to cause a denial of service. CVE-2025-55247 It was discovered that .NET did not properly establish TLS sessions for SMTP server connections. An attacker...
Linux Distros Unpatched Vulnerability : CVE-2025-52991
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Nix, Lix, and Guix package managers default to using temporary build directories in a world-readable and world-writable location. This allows standard users...
CVE-2025-52991
The Nix, Lix, and Guix package managers default to using temporary build directories in a world-readable and world-writable location. This allows standard users to deceive the package manager into using directories with pre-existing content, potentially leading to unauthorized actions or data...
DEBIAN-CVE-2025-52991
The Nix, Lix, and Guix package managers default to using temporary build directories in a world-readable and world-writable location. This allows standard users to deceive the package manager into using directories with pre-existing content, potentially leading to unauthorized actions or data...
UBUNTU-CVE-2025-52991
The Nix, Lix, and Guix package managers default to using temporary build directories in a world-readable and world-writable location. This allows standard users to deceive the package manager into using directories with pre-existing content, potentially leading to unauthorized actions or data...
SUSE CVE-2025-52991
The Nix, Lix, and Guix package managers default to using temporary build directories in a world-readable and world-writable location. This allows standard users to deceive the package manager into using directories with pre-existing content, potentially leading to unauthorized actions or data...
SUSE CVE-2009-4029
The 1 dist or 2 distcheck rules in GNU Automake 1.11.1, 1.10.3, and release branches branch-1-4 through branch-1-9, when producing a distribution tarball for a package that uses Automake, assign insecure permissions 777 to directories in the build tree, which introduces a race condition that allo...
GHSA-CV2W-Q8C3-XJV7 Agent-to-controller access control allows reading/writing most content of build directories in Jenkins
Agents are allowed some limited access to files on the Jenkins controller file system. The directories agents are allowed to access in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier include the directories storing build-related information, intended to allow agents to store build-related...
jenkins: Agent-to-controller access control allows reading/writing most content of build directories
An incorrect access restriction vulnerability was found in Jenkins. The directories agents are allowed to access include the directories where there are stored build-related information intended to allow agents to store build-related metadata during build execution. As a consequence, this allows ...
jenkins: Agent-to-controller access control allows reading/writing most content of build directories
An incorrect access restriction vulnerability was found in Jenkins. The directories agents are allowed to access include the directories where there are stored build-related information intended to allow agents to store build-related metadata during build execution. As a consequence, this allows ...
jenkins: Agent-to-controller access control allowed writing to sensitive directory used by Pipeline: Shared Groovy Libraries Plugin
An incorrect permissions validation vulnerability was found in Jenkins. An agent process read/write access to the libs/ directory inside build directories when using the FilePath APIs is not limited. This allows attackers in control of agent processes to replace the code of a trusted library with...
jenkins: Agent-to-controller access control allows reading/writing most content of build directories
An incorrect access restriction vulnerability was found in Jenkins. The directories agents are allowed to access include the directories where there are stored build-related information intended to allow agents to store build-related metadata during build execution. As a consequence, this allows ...
jenkins: Agent-to-controller access control allows reading/writing most content of build directories
An incorrect access restriction vulnerability was found in Jenkins. The directories agents are allowed to access include the directories where there are stored build-related information intended to allow agents to store build-related metadata during build execution. As a consequence, this allows ...
jenkins: Agent-to-controller access control allows reading/writing most content of build directories
An incorrect access restriction vulnerability was found in Jenkins. The directories agents are allowed to access include the directories where there are stored build-related information intended to allow agents to store build-related metadata during build execution. As a consequence, this allows ...
Jenkins < 2.303.3, < 2.319 Multiple Vulnerabilities - Windows
Jenkins is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2021-21697
Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allows any agent to read and write the contents of any build directory stored in Jenkins with very few restrictions...
CVE-2021-21697
Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allows any agent to read and write the contents of any build directory stored in Jenkins with very few restrictions...
CVE-2021-21697
CVE-2021-21697 affects Jenkins (2.318 and earlier; LTS 2.303.2 and earlier). Root cause: agent-to-controller access control allowed a non-running agent to read/write contents of build directories, exposing build metadata via FilePath operations. Impact: any agent could read/write most content in ...
CVE-2021-21697
Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allows any agent to read and write the contents of any build directory stored in Jenkins with very few restrictions...