10 matches found
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1594 more potentially affected by CVE-2021-21694 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.30)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2021-21694 Source advisory: OSV:GHSA-PGJ6-JMJ5-WQFX...
Important: Red Hat Security Advisory: OpenShift Container Platform 3.11.569 security update
Red Hat OpenShift Container Platform release 3.11.569 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score,...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.6.51 packages and security update
Red Hat OpenShift Container Platform release 4.6.51 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.8.22 security update
Red Hat OpenShift Container Platform release 4.8.22 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, whic...
FreeBSD : jenkins -- multiple vulnerabilities (2bf56269-90f8-4a82-b82f-c0e289f2a0dc)
Jenkins Security Advisory : DescriptionCritical SECURITY-2455 / CVE-2021-21685, CVE-2021-21686, CVE-2021-21687, CVE-2021-21688, CVE-2021-21689, CVE-2021-21690, CVE-2021-21691, CVE-2021-21692, CVE-2021-21693, CVE-2021-21694, CVE-2021-21695 Multiple vulnerabilities allow bypassing path filtering of...
Jenkins < 2.303.3, < 2.319 Multiple Vulnerabilities - Linux
Jenkins is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2021-21694
creationtimestamp| type| source ---|---|--- 2021-11-04 19:25:30+00:00| seen| https://t.me/cibsecurity/31842...
CVE-2021-21694
FilePathtoURI, FilePathhasSymlink, FilePathabsolutize, FilePathisDescendant, and FilePathgetDiskSpace do not check any permissions in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier...
CVE-2021-21694
FilePathtoURI, FilePathhasSymlink, FilePathabsolutize, FilePathisDescendant, and FilePathgetDiskSpace do not check any permissions in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier...
CVE-2021-21694
CVE-2021-21694 affects Jenkins 2.318 and earlier (and LTS 2.303.2 and earlier): FilePath#toURI, #hasSymlink, #absolutize, #isDescendant, and #get*DiskSpace do not check any permissions. This can enable agent-to-controller file access by bypassing access control, per connected advisories. Connecte...