CVE-2024-9183

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.4 prior to 18.4.5, 18.5 prior to 18.5.3, and 18.6 prior to 18.6.1 that could have allowed an authenticated user to obtain credentials from higher-privileged users and perform actions in their context under specific...

CVE-2023-35141

In Jenkins 2.399 and earlier, LTS 2.387.3 and earlier, POST requests are sent in order to load the list of context actions. If part of the URL includes insufficiently escaped user-provided values, a victim may be tricked into sending a POST request to an unexpected endpoint by opening a context...

FreeBSD : jenkins -- CSRF protection bypass vulnerability (b4db7d78-bb62-4f4c-9326-6e9fc2ddd400)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the b4db7d78-bb62-4f4c-9326-6e9fc2ddd400 advisory. - In Jenkins 2.399 and earlier, LTS 2.387.3 and earlier, POST requests are sent in order to load the li...