9 matches found
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1013 more potentially affected by CVE-2014-3681 via org.jenkins-ci.main:jenkins-core (>=1.396 <=1.565.2)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =0.0.1, =0.9, =1.3, =1.0, =1.0.0, =1.0, =1.0-beta-1, =2.1, =1.0, =1.1, =2.0.6 and more Source cves: CVE-2014-3681 Source advisory: OSV:GHSA-CWH9-F8M6-6R63...
Cross-Site Scripting (XSS)
OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud deployments. The following security issues are addressed with this release: An authorization flaw was discovered in Kubernetes; the API server did not...
Path Traversal
OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud deployments. The following security issues are addressed with this release: An authorization flaw was discovered in Kubernetes; the API server did not...
Sensitive Information Disclosure
OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud deployments. The following security issues are addressed with this release: An authorization flaw was discovered in Kubernetes; the API server did not...
Jenkins Multiple Vulnerabilities (Oct 2014) - Windows
Jenkins is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:jenkins:jenkins"; ifdescription...
CVE-2014-3681
Cross-site scripting XSS vulnerability in Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2014-3681
CVE-2014-3681 is a cross-site scripting (XSS) vulnerability in Jenkins prior to 1.583 and in the LTS line prior to 1.565.3. The available sources describe that remote attackers can inject arbitrary web script or HTML via unspecified vectors, potentially affecting the Jenkins web interface. The co...
jenkins: multiple issues
SECURITY-87/CVE-2014-3661 anonymous DoS attack through CLI handshake This vulnerability allows unauthenticated users with access to Jenkins' HTTP/HTTPS port to mount a DoS attack on Jenkins through thread exhaustion. - SECURITY-110/CVE-2014-3662 User name discovery Anonymous users can test if the...
FreeBSD : jenkins -- remote execution, privilege escalation, XSS, password exposure, ACL hole, DoS (549a2771-49cc-11e4-ae2c-c80aa9043978)
Jenkins Security Advisory : Please reference CVE/URL list for details %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2019 Jacques Vidrine and contributors Redistribution an...