8 matches found
EUVD-2022-2988
Malicious code in bioql PyPI...
Jenkins < 1.551, < 1.532.2 LTS Multiple Vulnerabilities - Linux
Jenkins is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Jenkins < 1.551, < 1.532.2 LTS Multiple Vulnerabilities - Windows
Jenkins is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +698 more potentially affected by CVE-2013-7330 via org.jenkins-ci.main:jenkins-core (>=1.396 <=1.480.2)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.9, =1.0, =1.0, =1.0-beta-1, =2.1, =1.0, =1.0, =0.1, =0.1, =0.17 and more Source cves: CVE-2013-7330 Source advisory: OSV:GHSA-H5JV-HG68-MJHG...
Design/Logic Flaw
BuildTrigger in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to bypass access restrictions and execute arbitrary jobs by configuring a job to trigger another job. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7330...
CVE-2014-2058
BuildTrigger in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to bypass access restrictions and execute arbitrary jobs by configuring a job to trigger another job. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7330...
CVE-2014-2058
CVE-2014-2058 affects Jenkins (BuildTrigger) where authenticated remote users could bypass access restrictions and trigger arbitrary jobs by configuring a job to trigger another. Affected versions are Jenkins before 1.551 and LTS before 1.532.2. The issue is described as a result of an incomplete...
Jenkins BuildTrigger类权限绕过漏洞
CVE ID:CVE-2013-7330 Jenkins的前身是Hudson是一个可扩展的持续集成引擎。 Jenkins BuildTrigger类存在安全漏洞,允许攻击者绕过授权机制配置作业,执行受限的作业。 0 Jenkins 1.550 Jenkins 1.532.1 厂商补丁: Jenkins ----- Jenkins 1.532.2, 1.551已经修复该漏洞,建议用户下载更新: http://jenkins-ci.org/...