Lucene search
K

9 matches found

Redos
Redos
added 2026/05/24 12:0 a.m.17 views

ROS-20260524-73-0044

A vulnerability in the Jenkins Automation Server is related to incorrect symbolic link detection prior to file access during .tar and .tar.gz archive extraction. Exploitation of the vulnerability could allow an attacker acting remotely to write arbitrary files...

8.8CVSS6.1AI score0.01161EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/07/11 12:0 a.m.7 views

The vulnerability of the Aqua Security Scanner plugin in the Jenkins automation server, related to the lack of data encryption measures, allows attackers to gain unauthorized access to protected information.

The vulnerability of the Aqua Security Scanner plugin in the Jenkins automation server is related to the lack of data encryption measures. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

4.3CVSS5.5AI score0.00191EPSS
Exploits0References2Affected Software1
Redos
Redos
added 2025/04/17 12:0 a.m.9 views

ROS-20250417-03

The Jenkins Automation Server vulnerability is related to the fact that the vulnerable plugin does not edit encrypted secret values when accessing config.xml of agents via REST API or CLI. Exploitation of the vulnerability could Allow an attacker acting remotely to gain access to potentially...

5.4CVSS7.2AI score0.00684EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/04/07 12:0 a.m.7 views

The vulnerability of the Stack Hammer plugin on the Jenkins automation server, related to deficiencies in access control, allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the Stack Hammer plugin in the Jenkins automation server is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

6.5CVSS5.5AI score0.00266EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/11/13 12:0 a.m.7 views

Jenkins plugin Pipeline:Groovy 安全漏洞

Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A security...

8CVSS7.5AI score0.0044EPSS
Exploits1References3
Redos
Redos
added 2024/10/15 12:0 a.m.13 views

ROS-20241015-08

A vulnerability in the Jenkins Automation Server is related to an issue with item creation constraint bypass. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the restrictions and create a temporary item The Jenkins Automation Server vulnerability exists because...

4.3CVSS6.9AI score0.0084EPSS
Exploits0
Redos
Redos
added 2024/09/19 12:0 a.m.18 views

ROS-20240918-10

The Jenkins Automation Server vulnerability is related to a lack of permission checking at the endpoint of the HTTP. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information The Jenkins Automation Server Remoting library vulnerability is...

8.8CVSS7.6AI score0.28782EPSS
Exploits4
BDU FSTEC
BDU FSTEC
added 2020/06/10 12:0 a.m.4 views

The vulnerability of the Jenkins automation server, related to the absence of the HTTP header Content-Security-Policy, allows attackers to execute cross-site scripting (XSS) attacks.

The vulnerability of the Jenkins automation server is related to the absence of the HTTP header Content-Security-Policy. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting XSS attacks remotely...

5.5CVSS5.6AI score0.01159EPSS
Exploits0References5Affected Software1
Saint
Saint
added 2017/08/15 12:0 a.m.78 views

Jenkins groovy.util.Expando Java deserialization vulnerability

Added: 08/15/2017 CVE: CVE-2016-0792 BID: 83720 Background Jenkins is a standalone, open-source automation server written in Java. Problem A deserialization vulnerability in the groovy.util.Expando class allows a remote attacker to execute arbitrary commands by requesting createItem with speciall...

9CVSS7.6AI score0.82697EPSS
Exploits23
Rows per page
Query Builder