2 matches found
Jenkins < 1.586 Multiple Vulnerabilities - Windows
Jenkins is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2014-9634
CVE-2014-9634 affects Jenkins prior to 1.586 when run on Tomcat 7.0.41+. The issue is that session cookies are not marked Secure, enabling potential interception of HTTP session cookies by remote attackers. The vulnerability is tied to Jenkins’ handling of cookies in Tomcat, with impact described...