5 matches found
CVE-2017-1000395
Jenkins 2.73.1 and earlier, 2.83 and earlier provides information about Jenkins user accounts which is generally available to anyone with Overall/Read permissions via the /user/username/api remote API. This included e.g. Jenkins users' email addresses if the Mailer Plugin is installed. The remote...
CVE-2017-1000395
Jenkins 2.73.1 and earlier, 2.83 and earlier provides information about Jenkins user accounts which is generally available to anyone with Overall/Read permissions via the /user/username/api remote API. This included e.g. Jenkins users' email addresses if the Mailer Plugin is installed. The remote...
CVE-2017-1000395
CVE-2017-1000395 affects Jenkins Core (2.73.1 and earlier, 2.83 and earlier). The remote /user/(username)/api API disclosed user-account details (e.g., emails via Mailer Plugin) to non-admins; the API now only returns basic info (userID and name) unless the requester is an administrator. This is ...
CVE-2017-1000395
Jenkins 2.73.1 and earlier, 2.83 and earlier provides information about Jenkins user accounts which is generally available to anyone with Overall/Read permissions via the /user/username/api remote API. This included e.g. Jenkins users' email addresses if the Mailer Plugin is installed. The remote...
Jenkins Multiple Vulnerabilities (Oct 2017) - Linux
Jenkins is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:jenkins:jenkins"; ifdescription...