11 matches found
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1304 more potentially affected by CVE-2015-5320 via org.jenkins-ci.main:jenkins-core (>=1.396 <=1.625.1)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =0.0.1, =0.9, =1.3, =1.0, =1.0, =2.2.1, =1.0.3, =1.0.0, =1.0, =1.0.0, =1.2.0 and more Source cves: CVE-2015-5320 Source advisory: OSV:GHSA-449Q-V4J2-5H8P...
com.piketec.jenkins.plugins:piketec-tpt (=6.3), io.jenkins.plugins:aws-lambda-cloud (>=0.3 <=0.4) +13 more potentially affected by CVE-2015-5320 via org.jenkins-ci.main:jenkins-core (>=1.626 <=1.637)
org.jenkins-ci.main:jenkins-core MAVEN version =1.626, =0.3, =1.2, =1.1.2, =1.626, =1.626, =1.1.0, =0.1, =0.2, =0.1, =2.4, =1.626, =1.21, =1.0.3, =1.0, =2.0.27 Source cves: CVE-2015-5320 Source advisory: OSV:GHSA-449Q-V4J2-5H8P...
Cross-Site Scripting (XSS)
OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud deployments. The following security issues are addressed with this release: An authorization flaw was discovered in Kubernetes; the API server did not...
Path Traversal
OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud deployments. The following security issues are addressed with this release: An authorization flaw was discovered in Kubernetes; the API server did not...
Sensitive Information Disclosure
OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud deployments. The following security issues are addressed with this release: An authorization flaw was discovered in Kubernetes; the API server did not...
Fedora 22 : jenkins-1.609.3-3.fc22 / jenkins-remoting-2.53-1.fc22 (2015-a433d8ba72)
Fix CVE-2015-5318, CVE-2015-5320, CVE-2015-5325, SECURITY-218 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
Fedora 23 : jenkins-1.625.2-2.fc23 / jenkins-remoting-2.53-1.fc23 (2015-d02feebd15)
Update to 1.625.2 - Resolves: CVE-2015-5317, CVE-2015-5318, CVE-2015-5319, CVE-2015-5320, CVE-2015-5324, CVE-2015-5321, CVE-2015-5322, CVE-2015-5323, CVE-2015-5325, CVE-2015-5326, SECURITY-218 Note that Tenable Network Security has extracted the preceding description block directly from the Fedor...
CVE-2015-5320
Jenkins before 1.638 and LTS before 1.625.2 do not properly verify the shared secret used in JNLP slave connections, which allows remote attackers to connect as slaves and obtain sensitive information or possibly gain administrative access by leveraging knowledge of the name of a slave...
CVE-2015-5320
Jenkins before 1.638 and LTS before 1.625.2 do not properly verify the shared secret used in JNLP slave connections, which allows remote attackers to connect as slaves and obtain sensitive information or possibly gain administrative access by leveraging knowledge of the name of a slave...
CVE-2015-5320
CVE-2015-5320 affects Jenkins and its JNLP slave mechanism. The vulnerability arises from improper verification of the shared secret used in JNLP slave connections, allowing remote attackers to connect as slaves and potentially access sensitive information or gain administrative privileges by kno...
CVE-2015-5320
Jenkins before 1.638 and LTS before 1.625.2 do not properly verify the shared secret used in JNLP slave connections, which allows remote attackers to connect as slaves and obtain sensitive information or possibly gain administrative access by leveraging knowledge of the name of a slave...