10 matches found
SUSE CVE-2015-7537
Cross-site request forgery CSRF vulnerability in Jenkins before 1.640 and LTS before 1.625.2 allows remote attackers to hijack the authentication of administrators for requests that have unspecified impact via vectors related to the HTTP GET method...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1304 more potentially affected by CVE-2015-7537 via org.jenkins-ci.main:jenkins-core (>=1.396 <=1.625.1)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =0.0.1, =0.9, =1.3, =1.0, =1.0, =2.2.1, =1.0.3, =1.0.0, =1.0, =1.0.0, =1.2.0 and more Source cves: CVE-2015-7537 Source advisory: SNYK:JAVA-ORGJENKINSCIMAIN-9404629...
RPD:bmc-rpd (=1.1), com.piketec.jenkins.plugins:piketec-tpt (=6.3) +19 more potentially affected by CVE-2015-7537 via org.jenkins-ci.main:jenkins-core (>=1.626 <=1.639)
org.jenkins-ci.main:jenkins-core MAVEN version =1.626, =0.3, =1.2, =1.1.2, =1.626, =1.626, =0.2.0, =1.0, =1.1.0, =0.1, =0.2, =0.1, =0.3 - org.jenkins-ci.plugins:icn-plugin-loader =1.0 and more Source cves: CVE-2015-7537 Source advisory: OSV:GHSA-3VHR-F5XR-8VPX...
RPD:bmc-rpd (=1.1), com.piketec.jenkins.plugins:piketec-tpt (=6.3) +19 more potentially affected by CVE-2015-7537 via org.jenkins-ci.main:jenkins-core (>=1.626 <=1.639)
org.jenkins-ci.main:jenkins-core MAVEN version =1.626, =0.3, =1.2, =1.1.2, =1.626, =1.626, =0.2.0, =1.0, =1.1.0, =0.1, =0.2, =0.1, =0.3 - org.jenkins-ci.plugins:icn-plugin-loader =1.0 and more Source cves: CVE-2015-7537 Source advisory: SNYK:JAVA-ORGJENKINSCIMAIN-9404629...
Cross-Site Scripting (XSS)
OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud deployments. The following security issues are addressed with this release: An authorization flaw was discovered in Kubernetes; the API server did not...
Path Traversal
OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud deployments. The following security issues are addressed with this release: An authorization flaw was discovered in Kubernetes; the API server did not...
Sensitive Information Disclosure
OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service PaaS solution designed for on-premise or private cloud deployments. The following security issues are addressed with this release: An authorization flaw was discovered in Kubernetes; the API server did not...
Fedora 22 : jenkins-1.609.3-5.fc22 (2015-938c70c840)
Security update, fixes: CVE-2015-7536 SECURITY-95, CVE-2015-7537 SECURITY-225, CVE-2015-7538 SECURITY-233, CVE-2015-7539 SECURITY-234 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically...
CVE-2015-7537
Cross-site request forgery CSRF vulnerability in Jenkins before 1.640 and LTS before 1.625.2 allows remote attackers to hijack the authentication of administrators for requests that have unspecified impact via vectors related to the HTTP GET method...
CVE-2015-7537
CVE-2015-7537 affects Jenkins, described as a CSRF vulnerability that could allow an attacker to hijack admin authentication via HTTP GET. Affected versions: Jenkins before 1.640 and LTS before 1.625.2. Mitigation: upgrade to Jenkins 1.640 or newer or LTS 1.625.2 or newer. The connected advisory ...