PT-2026-23440

Name of the Vulnerable Software and Affected Versions Backstage versions prior to 1.20.1 Description Backstage is a framework for building developer portals. A flaw in how Backstage handles SCM URLs within integrations permitted path traversal sequences, even when encoded. This allowed requests t...

CVE-2019-10455

A missing permission check in Jenkins Rundeck Plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials...

Jenkins Katalon Plugin 跨站请求伪造漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A cross-site request...

PT-2022-17134 · Jenkins · Jenkins Autonomiq Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins autonomiq Plugin versions 1.15 and earlier Description: A cross-site request forgery CSRF vulnerability exists due to the lack of permission checks in an HTTP endpoint. This allows attackers with Overall/Read permission to connect to ...

Important: java-1.7.0-openjdk

Issue Overview: DerValue unbounded memory allocation: It was discovered that the Libraries component of OpenJDK failed to sufficiently limit the amount of memory allocated when reading DER encoded input. A remote attacker could possibly use this flaw to make a Java application use an excessive...