12 matches found
RHCOS 4 : OpenShift Container Platform 4.6.59 (RHSA-2022:4947)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:4947 advisory. - cri-o: memory exhaustion on the node when access to the kube api CVE-2022-1708 - credentials: Stored XSS vulnerabilities in jenkin...
RHCOS 4 : OpenShift Container Platform 4.7.52 paackages (RHSA-2022:4909)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:4909 advisory. - credentials: Stored XSS vulnerabilities in jenkins plugin CVE-2022-29036 - subversion: Stored XSS vulnerabilities in Jenkins...
RHEL 8 : OpenShift Container Platform 4.7.52 paackages (RHSA-2022:4909)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:4909 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...
RHEL 7 / 8 : OpenShift Container Platform 4.6.59 (RHSA-2022:4947)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:4947 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...
Jenkins Credentials Plugin Cross-site Scripting (CVE-2022-29036)
A cross-site scripting vulnerability exists in Jenkins Credentials Plugin. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.7.52 paackages and security update
Red Hat OpenShift Container Platform release 4.7.52 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.7. Red Hat Product Security has rated this update as having a...
Important: Red Hat Security Advisory: OpenShift Container Platform 3.11.705 security update
Red Hat OpenShift Container Platform release 3.11.705 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a...
Jenkins plugins Multiple Vulnerabilities (2022-04-12)
According to its their self-reported version number, the version of Jenkins plugins running on the remote web server are Jenkins CVS Plugin prior to 2.19.1, Credentials Plugin prior to 1112., Extended Choice Parameter Plugin 346. or earlier, Gerrit Trigger Plugin prior to 2.35.3, Git Parameter...
CVE-2022-29036
Jenkins Credentials Plugin 1111.v35a307992395 and earlier, except 1087.1089.v2f1b9ab040e4, 1074.1076.v39c30cecb0e2, and 2.6.1.1, does not escape the name and description of Credentials parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability...
CVE-2022-29036
Jenkins Credentials Plugin 1111.v35a307992395 and earlier, except 1087.1089.v2f1b9ab040e4, 1074.1076.v39c30cecb0e2, and 2.6.1.1, does not escape the name and description of Credentials parameters on views displaying parameters, resulting in a stored cross-site scripting XSS vulnerability...
CVE-2022-29036
CVE-2022-29036 affects Jenkins Credentials Plugin (versions including 1111.v35a_307992395 and earlier, with some exceptions) by failing to escape the name/description of Credentials parameters on views that display them, enabling stored XSS for attackers with Item/Configure permission. Exploitati...
RHEL 7 / 8 : OpenShift Container Platform 4.8.35 (RHSA-2022:0871)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:0871 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...