3 matches found
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1573 more potentially affected by CVE-2018-1000409 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.13)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2018-1000409 Source advisory: OSV:GHSA-RR6R-P7RW-369C...
CVE-2018-1000409
Summary: Jenkins 2.145 and earlier, including LTS 2.138.1 and earlier, are affected by a session fixation flaw in core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java that prevents invalidating an existing session and creating a new one when a user signs up for a new account. Impact...
Jenkins < 2.146 and < 2.138.2 LTS Multiple Vulnerabilities - Linux
Jenkins is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...