PT-2022-26919 · Jenkins · Jenkins 360 Fireline Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins 360 FireLine Plugin versions 1.7.2 and earlier Description: The issue concerns the Jenkins 360 FireLine Plugin, which programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived...

jenkins: workspace browser allowed accessing files outside the workspace (SECURITY-904)

An information exposure vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in DirectoryBrowserSupport.java that allows attackers with the ability to control build output to browse the file system on agents running builds beyond the duration of the build using the workspace...

CloudBees Jenkins Information Disclosure Vulnerability (CNVD-2019-04442)

CloudBees Jenkins formerly known as Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . An...