6 matches found
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1929 more potentially affected by CVE-2017-1000391 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.7)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =55.v51410e712e0c, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.23 and more Source cves: CVE-2017-1000391 Source advisory: OSV:GHSA-WFJ3-535M-P6FX...
CVE-2017-1000391
Jenkins versions 2.88 and earlier and 2.73.2 and earlier stores metadata related to 'people', which encompasses actual user accounts, as well as users appearing in SCM, in directories corresponding to the user ID on disk. These directories used the user ID for their name without additional...
CVE-2017-1000391
Jenkins versions 2.88 and earlier and 2.73.2 and earlier stores metadata related to 'people', which encompasses actual user accounts, as well as users appearing in SCM, in directories corresponding to the user ID on disk. These directories used the user ID for their name without additional...
CVE-2017-1000391
Jenkins CVE-2017-1000391 affects Jenkins versions 2.88 and earlier and 2.73.2 and earlier. The vulnerability arises because metadata for users (including SCM users) is stored in directories named after their user ID, without escaping, which could lead to overwriting of unrelated configuration fil...
CVE-2017-1000391
Jenkins versions 2.88 and earlier and 2.73.2 and earlier stores metadata related to 'people', which encompasses actual user accounts, as well as users appearing in SCM, in directories corresponding to the user ID on disk. These directories used the user ID for their name without additional...
Jenkins Multiple Vulnerabilities (Nov 2017) - Linux
Jenkins is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:jenkins:jenkins"; ifdescription...