5 matches found
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1598 more potentially affected by CVE-2017-2612 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.32.1)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2017-2612 Source advisory: OSV:GHSA-WF9G-RH76-6JVR...
CVE-2017-2612
CVE-2017-2612 affects Jenkins platforms prior to 2.44 and prior to 2.32.2. The issue allows low-privilege users to override JDK download credentials, which can lead to builds failing to download a JDK in the future. Root cause is improper permission/credential handling for JDK download. The descr...
Jenkins Multiple Vulnerabilities (Feb 2017) - Linux
Jenkins is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:jenkins:jenkins"; ifdescription...
Jenkins Multiple Vulnerabilities (Feb 2017) - Windows
Jenkins is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:jenkins:jenkins"; ifdescription...
CVE-2017-2612
In Jenkins before versions 2.44, 2.32.2 low privilege users were able to override JDK download credentials SECURITY-392, resulting in future builds possibly failing to download a JDK...