35 matches found
Denial of service
A denial of service vulnerability exists in Jenkins Monitoring Plugin 1.74.0 and earlier in PluginImpl.java that allows attackers to kill threads running on the Jenkins master...
CVE-2019-1003022
CVE-2019-1003022 concerns a denial-of-service in the Jenkins Monitoring Plugin prior to versions newer than 1.74.0, specifically in the PluginImpl.java code, which enables an attacker to kill threads running on the Jenkins master. The available connected documents consistently describe this vulne...
CVE-2019-1003022
A denial of service vulnerability exists in Jenkins Monitoring Plugin 1.74.0 and earlier in PluginImpl.java that allows attackers to kill threads running on the Jenkins master...
PT-2019-11320 · Jenkins · Jenkins Monitoring Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Monitoring Plugin versions 1.74.0 and earlier Description: A denial of service issue exists that allows attackers to kill threads running on the Jenkins master. This is due to a vulnerability in the PluginImpl.java file...
CVE-2014-3679
The Monitoring plugin before 1.53.0 for Jenkins allows remote attackers to obtain sensitive information by accessing unspecified pages...
Information disclosure
The Monitoring plugin before 1.53.0 for Jenkins allows remote attackers to obtain sensitive information by accessing unspecified pages...
CVE-2014-3679
The Monitoring plugin before 1.53.0 for Jenkins allows remote attackers to obtain sensitive information by accessing unspecified pages...
CVE-2014-3679
CVE-2014-3679 affects the Jenkins Monitoring plugin prior to 1.53.0. The issue is an information-disclosure flaw where certain Monitoring plugin pages are accessible to remote attackers, allowing them to obtain sensitive information. Affected: Jenkins Monitoring plugin (pre-1.53.0). Root cause: p...
jenkins: cross-site scripting flaws in the monitoring plug-in (SECURITY-113)
Cross-site scripting XSS vulnerability in the Monitoring plugin before 1.53.0 for Jenkins allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-3678
Cross-site scripting XSS vulnerability in the Monitoring plugin before 1.53.0 for Jenkins allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in the Monitoring plugin before 1.53.0 for Jenkins allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-3678
CVE-2014-3678 is a Cross-site Scripting (XSS) vulnerability in the Jenkins Monitoring plugin, affecting versions before 1.53.0. The root cause is a faulty input validation in the Monitoring plugin that allows an attacker to inject arbitrary web script or HTML, via unspecified vectors, potentially...
CVE-2014-3678
Cross-site scripting XSS vulnerability in the Monitoring plugin before 1.53.0 for Jenkins allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
PT-2014-5447 · Jenkins · Jenkins Monitoring Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins Monitoring plugin versions prior to 1.53.0 Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML. Recommendations: For versions prior to 1.53.0, update to version 1.53.0 or later ...
jenkins: multiple issues
SECURITY-87/CVE-2014-3661 anonymous DoS attack through CLI handshake This vulnerability allows unauthenticated users with access to Jenkins' HTTP/HTTPS port to mount a DoS attack on Jenkins through thread exhaustion. - SECURITY-110/CVE-2014-3662 User name discovery Anonymous users can test if the...