3 matches found
CVE-2024-23905
Jenkins Red Hat Dependency Analytics Plugin 0.7.1 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download...
PT-2024-2759 · Red Hat +2 · Jenkins Red Hat Dependency Analytics Plugin +2
Name of the Vulnerable Software and Affected Versions: Jenkins Red Hat Dependency Analytics Plugin versions 0.7.1 and earlier Description: The issue is related to the lack of Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers...
Jenkins plugins Multiple Vulnerabilities (2024-01-24)
According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Jenkins Git server Plugin 99.va0826abcdfad and earlier does not disable a feature of its command parser that replaces an '@' character...