4 matches found
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +2012 more potentially affected by CVE-2018-1000067 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.8)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =55.v51410e712e0c, =1.0, =0.0.1, =0.1.1, =0.1.0, =1.0, =0.9, =0.45 and more Source cves: CVE-2018-1000067 Source advisory: OSV:GHSA-6MV9-HCX5-7MHH...
Jenkins < 2.107 / < 2.89.4 (LTS) Server-Side Request Forgery (SSRF) Vulnerability
The remote web server hosts a version of Jenkins that is prior to 2.107, or a version of Jenkins LTS prior to 2.89.4. It is, therefore, affected by a server-side request forgery SSRF vulnerability. Insufficient proxy configuration form access control allow attackers with overall/read access to...
Jenkins < 2.107 and < 2.89.4 LTS Multiple Vulnerabilities - Windows
Jenkins is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:jenkins:jenkins"; ifdescription...
CVE-2018-1000067
CVE-2018-1000067 is a Jenkins SSRF/info-disclosure vulnerability affecting Jenkins versions 2.106 and earlier and LTS 2.89.3 and earlier. The issue arises from improper authorization that allows an attacker to trigger HTTP GET requests and view limited response data. Affected products and fixed v...