9 matches found
com.piketec.jenkins.plugins:piketec-tpt (=6.3), io.jenkins.plugins:aws-lambda-cloud (>=0.3 <=0.4) +13 more potentially affected by CVE-2015-5325 via org.jenkins-ci.main:jenkins-core (>=1.626 <=1.637)
org.jenkins-ci.main:jenkins-core MAVEN version =1.626, =0.3, =1.2, =1.1.2, =1.626, =1.626, =1.1.0, =0.1, =0.2, =0.1, =2.4, =1.626, =1.21, =1.0.3, =1.0, =2.0.27 Source cves: CVE-2015-5325 Source advisory: OSV:GHSA-X2Q2-8PWQ-FR5R...
Cross-Site Scripting (XSS)
OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud deployments. The following security issues are addressed with this release: An authorization flaw was discovered in Kubernetes; the API server did not...
Path Traversal
OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud deployments. The following security issues are addressed with this release: An authorization flaw was discovered in Kubernetes; the API server did not...
Sensitive Information Disclosure
OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud deployments. The following security issues are addressed with this release: An authorization flaw was discovered in Kubernetes; the API server did not...
Fedora 23 : jenkins-1.625.2-2.fc23 / jenkins-remoting-2.53-1.fc23 (2015-d02feebd15)
Update to 1.625.2 - Resolves: CVE-2015-5317, CVE-2015-5318, CVE-2015-5319, CVE-2015-5320, CVE-2015-5324, CVE-2015-5321, CVE-2015-5322, CVE-2015-5323, CVE-2015-5325, CVE-2015-5326, SECURITY-218 Note that Tenable Network Security has extracted the preceding description block directly from the Fedor...
Fedora 22 : jenkins-1.609.3-3.fc22 / jenkins-remoting-2.53-1.fc22 (2015-a433d8ba72)
Fix CVE-2015-5318, CVE-2015-5320, CVE-2015-5325, SECURITY-218 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
CVE-2015-5325
Jenkins before 1.638 and LTS before 1.625.2 allow attackers to bypass intended slave-to-master access restrictions by leveraging a JNLP slave. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3665...
CVE-2015-5325
CVE-2015-5325 affects Jenkins before 1.638 and OpenJenkins LTS before 1.625.2, where a JNLP slave can bypass intended slave-to-master access restrictions. This vulnerability stems from an incomplete fix for CVE-2014-3665. Remediation: upgrade to Jenkins 1.638 or newer, or to LTS 1.625.2 or newer,...
CVE-2015-5325
Jenkins before 1.638 and LTS before 1.625.2 allow attackers to bypass intended slave-to-master access restrictions by leveraging a JNLP slave. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3665...