EUVD-2022-3060

Malicious code in bioql PyPI...

EUVD-2022-4610

Malicious code in bioql PyPI...

GHSA-3PR8-RF62-G893 Path Traversal in Jenkins

A path traversal vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in core/src/main/java/hudson/model/FileParameterValue.java that allows attackers with Job/Configure permission to define a file parameter with a file name outside the intended directory, resulting in an...

PT-2021-14690 · Cloudbees +1 · Jenkins Cloudbees Cd Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins CloudBees CD Plugin versions 1.1.21 and earlier Description: The issue concerns a lack of permission check in an HTTP endpoint, allowing attackers with Item/Read permission to schedule builds of projects without having Item/Build...

jenkins: Arbitrary file write vulnerability using file parameter definitions (SECURITY-1424)

A path traversal vulnerability in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier in core/src/main/java/hudson/model/FileParameterValue.java allowed attackers with Job/Configure permission to define a file parameter with a file name outside the intended directory, resulting in an arbitrary fil...

CVE-2019-10324

A cross-site request forgery vulnerability in Jenkins Artifactory Plugin 3.2.2 and earlier in ReleaseActiondoSubmit, GradleReleaseApiActiondoStaging, MavenReleaseApiActiondoStaging, and UnifiedPromoteBuildActiondoSubmit allowed attackers to schedule a release build, perform release staging for...