609 matches found
jenkins-plugin/script-security: Jenkins Script Security Plugin File Disclosure Vulnerability
A flaw was found in the Jenkins Script Security Plugin. This vulnerability allows attackers with Overall/Read permission to check for the existence of files on the controller file system via a method that implements form validation that does not perform a permission check...
jenkins-plugin/script-security: Jenkins Script Security Plugin File Disclosure Vulnerability
A flaw was found in the Jenkins Script Security Plugin. This vulnerability allows attackers with Overall/Read permission to check for the existence of files on the controller file system via a method that implements form validation that does not perform a permission check...
jenkins-plugin/script-security: Jenkins Script Security Plugin File Disclosure Vulnerability
A flaw was found in the Jenkins Script Security Plugin. This vulnerability allows attackers with Overall/Read permission to check for the existence of files on the controller file system via a method that implements form validation that does not perform a permission check...
jenkins-plugin/script-security: Jenkins Script Security Plugin File Disclosure Vulnerability
A flaw was found in the Jenkins Script Security Plugin. This vulnerability allows attackers with Overall/Read permission to check for the existence of files on the controller file system via a method that implements form validation that does not perform a permission check...
jenkins-plugin/script-security: Jenkins Script Security Plugin File Disclosure Vulnerability
A flaw was found in the Jenkins Script Security Plugin. This vulnerability allows attackers with Overall/Read permission to check for the existence of files on the controller file system via a method that implements form validation that does not perform a permission check...
Linux Distros Unpatched Vulnerability : CVE-2010-3433
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30, 8.0 before 8.0.26, 8.1 before 8.1.22, 8.2 before 8.2.18, 8.3 before 8.3.12, 8.4 before...
CVE-2024-52549
A flaw was found in the Jenkins Script Security Plugin. This vulnerability allows attackers with Overall/Read permission to check for the existence of files on the controller file system via a method that implements form validation that does not perform a permission check. Mitigation Mitigation f...
au.com.versent.jenkins.plugins:ignore-committer-strategy (=29.v7c3891a_434c3), com.amadeus.jenkins.plugins:workflow-cps-global-lib-http (>=2.33.0 <=2.54.0) +164 more potentially affected by CVE-2024-52549 via org.jenkins-ci.plugins:script-security (>=1138.v8e727069a_025 <=1367.vdf2fc45f229c)
org.jenkins-ci.plugins:script-security MAVEN version =1138.v8e727069a025, =2.33.0, =1.41.0, =1.1.0.413.v3023d27e8434, =104.v94ae5f6cdbc3, =320.v5a0933ae7d61, =2.4.2, =3.0, =4.1.0, =4.1.1 - igalg.jenkins.plugins:multibranch-build-strategy-extension =60.vce1b19770361 and more Source cves:...
Missing permission check in Jenkins Script Security Plugin
Jenkins Script Security Plugin 1367.vdf2fc45f229c and earlier, except 1365.1367.va3bb89f8a95b and 1362.1364.v4cf2dc5d8776, does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of files on the...
GHSA-JV82-75FH-23R7 Missing permission check in Jenkins Script Security Plugin
Jenkins Script Security Plugin 1367.vdf2fc45f229c and earlier, except 1365.1367.va3bb89f8a95b and 1362.1364.v4cf2dc5d8776, does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of files on the...
CVE-2024-52549
Jenkins Script Security Plugin 1367.vdf2fc45f229c and earlier, except 1365.1367.va3bb89f8a95b and 1362.1364.v4cf2dc5d8776, does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of files on the...
CVE-2024-52554
Jenkins Shared Library Version Override Plugin 17.v786074c9fce7 and earlier declares folder-scoped library overrides as trusted, so that they're not executed in the Script Security sandbox, allowing attackers with Item/Configure permission on a folder to configure a folder-scoped library override...
CVE-2024-52549
Jenkins Script Security Plugin 1367.vdf2fc45f229c and earlier, except 1365.1367.va3bb89f8a95b and 1362.1364.v4cf2dc5d8776, does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of files on the...
CVE-2024-52554
Jenkins Shared Library Version Override Plugin 17.v786074c9fce7 and earlier declares folder-scoped library overrides as trusted, so that they're not executed in the Script Security sandbox, allowing attackers with Item/Configure permission on a folder to configure a folder-scoped library override...
CVE-2024-52554
CVE-2024-52554 affects the Jenkins plugin “Shared Library Version Override” for versions 17.v786074c9fce7 and earlier. The root cause is that folder-scoped library overrides are declared as trusted, so they are not executed inside the Script Security sandbox. This allows a user with Item/Configur...
CVE-2024-52549
Jenkins Script Security Plugin 1367.vdf2fc45f229c and earlier, except 1365.1367.va3bb89f8a95b and 1362.1364.v4cf2dc5d8776, does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of files on the...
CVE-2024-52549
Jenkins Script Security Plugin 1367.vdf2fc45f229c and earlier, except 1365.1367.va3bb89f8a95b and 1362.1364.v4cf2dc5d8776, does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of files on the...
CVE-2024-52549
CVE-2024-52549 affects Jenkins Script Security Plugin (1367.vdf2fc45f229c and earlier, with exceptions 1365.1367.va_3b_b_89f8a_95b_ and 1362.1364.v4cf2dc5d8776). The issue is a missing permission check in a form-validation method, allowing attackers with Overall/Read permission to determine wheth...
Jenkins plugin Script Security 安全漏洞
Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A security...
PT-2024-35376 · Jenkins · Jenkins Shared Library Version Override Plugin
Name of the Vulnerable Software and Affected Versions: Jenkins Shared Library Version Override Plugin versions 17.v786074c9fce7 and earlier Description: The issue allows attackers with Item/Configure permission on a folder to configure a folder-scoped library override that runs without sandbox...