9 matches found
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1304 more potentially affected by CVE-2015-7539 via org.jenkins-ci.main:jenkins-core (>=1.396 <=1.625.1)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =0.0.1, =0.9, =1.3, =1.0, =1.0, =2.2.1, =1.0.3, =1.0.0, =1.0, =1.0.0, =1.2.0 and more Source cves: CVE-2015-7539 Source advisory: OSV:GHSA-X274-9M9R-FM5G...
RPD:bmc-rpd (=1.1), com.piketec.jenkins.plugins:piketec-tpt (=6.3) +19 more potentially affected by CVE-2015-7539 via org.jenkins-ci.main:jenkins-core (>=1.626 <=1.639)
org.jenkins-ci.main:jenkins-core MAVEN version =1.626, =0.3, =1.2, =1.1.2, =1.626, =1.626, =0.2.0, =1.0, =1.1.0, =0.1, =0.2, =0.1, =0.3 - org.jenkins-ci.plugins:icn-plugin-loader =1.0 and more Source cves: CVE-2015-7539 Source advisory: OSV:GHSA-X274-9M9R-FM5G...
Cross-Site Scripting (XSS)
OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud deployments. The following security issues are addressed with this release: An authorization flaw was discovered in Kubernetes; the API server did not...
Path Traversal
OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud deployments. The following security issues are addressed with this release: An authorization flaw was discovered in Kubernetes; the API server did not...
Sensitive Information Disclosure
OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud deployments. The following security issues are addressed with this release: An authorization flaw was discovered in Kubernetes; the API server did not...
Fedora 22 : jenkins-1.609.3-5.fc22 (2015-938c70c840)
Security update, fixes: CVE-2015-7536 SECURITY-95, CVE-2015-7537 SECURITY-225, CVE-2015-7538 SECURITY-233, CVE-2015-7539 SECURITY-234 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically...
CVE-2015-7539
The Plugins Manager in Jenkins before 1.640 and LTS before 1.625.2 does not verify checksums for plugin files referenced in update site data, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted plugin...
CVE-2015-7539
The Plugins Manager in Jenkins before 1.640 and LTS before 1.625.2 does not verify checksums for plugin files referenced in update site data, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted plugin...
CVE-2015-7539
CVE-2015-7539 affects Jenkins: Plugins Manager in Jenkins (non-LTS prior to 1.640 and LTS prior to 1.625.2) does not verify checksums for plugin files referenced in update site data, enabling potential MITM exploitation to run arbitrary code via a crafted plugin. Remediation: upgrade Jenkins to 1...