Jenkins < 2.46.2 / 2.57 and Jenkins Enterprise < 1.625.24.1 / 1.651.24.1 / 2.7.24.0.1 / 2.46.2.1 Multiple Vulnerabilities

The version of Jenkins running on the remote web server is prior to 2.57 or is a version of Jenkins LTS prior to 2.46.2, or else it is a version of Jenkins Enterprise that is 1.625.x.y prior to 1.625.24.1, 1.651.x.y prior to 1.651.24.1, 2.7.x.0.y prior to 2.7.24.0.1, or 2.x.y.z prior to 2.46.2.1...

Jenkins Multiple Vulnerabilities (Apr 2017) - Windows

Multiple cross-site request forgery CSRF vulnerabilities in Jenkins allow malicious users to perform several administrative actions by tricking a victim into opening a web page. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...

[SECURITY] Fedora 26 Update: jenkins-xstream-1.4.7-11.jenkins1.fc26

XStream is a simple library to serialize objects to XML and back again. A high level facade is supplied that simplifies common use cases. Custom objects can be serialized without need for specifying mappings. Speed and low memory footprint are a crucial part of the design, making it suitable for...

MGASA-2016-0164 Updated xstream packages fix CVE-2016-3674

Updated xstream packages fix security vulnerability: XStream x-stream.github.io is a Java library to marshal Java objects into XML and back. For this purpose it supports a lot of different XML parsers. Some of those can also process external entities which was enabled by default. An attacker coul...

[SECURITY] Fedora 23 Update: xstream-1.4.9-1.fc23

XStream is a simple library to serialize objects to XML and back again. A high level facade is supplied that simplifies common use cases. Custom objects can be serialized without need for specifying mappings. Speed and low memory footprint are a crucial part of the design, making it suitable for...

OpenMRS Reporting Module 0.9.7 - Remote Code Execution

OpenMRS Reporting Module 0.9.7 - Remote Code Execution Title: Unauthenticated remote code execution in OpenMRS Product: OpenMRS Vendor: OpenMRS Inc. Tested versions: See summary Status: Fixed by vendor Reported by: Brian D. Hysell Product description: OpenMRS is "the world's leading open source...

OpenMRS Reporting Module 0.9.7 - Remote Code Execution

Title: Unauthenticated remote code execution in OpenMRS Product: OpenMRS Vendor: OpenMRS Inc. Tested versions: See summary Status: Fixed by vendor Reported by: Brian D. Hysell Product description: OpenMRS is "the world's leading open source enterprise electronic medical record system platform."...

Fedora Update for xstream FEDORA-2014-2340

Check for the Version of xstream OpenVAS Vulnerability Test Fedora Update for xstream FEDORA-2014-2340 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...