7 matches found
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +2012 more potentially affected by CVE-2018-6356 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.8)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =55.v51410e712e0c, =1.0, =0.0.1, =0.1.1, =0.1.0, =1.0, =0.9, =0.45 and more Source cves: CVE-2018-6356 Source advisory: OSV:GHSA-5P59-V5WM-77V4...
Jenkins < 2.89.4 / 2.107 Multiple Vulnerabilities
The version of Jenkins running on the remote web server is prior to 2.107 or is a version of Jenkins LTS prior to 2.89.4. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version...
CVE-2018-6356
Jenkins before 2.107 and Jenkins LTS before 2.89.4 did not properly prevent specifying relative paths that escape a base directory for URLs accessing plugin resource files. This allowed users with Overall/Read permission to download files from the Jenkins master they should not have access to. On...
CVE-2018-6356
Jenkins before 2.107 and Jenkins LTS before 2.89.4 did not properly prevent specifying relative paths that escape a base directory for URLs accessing plugin resource files. This allowed users with Overall/Read permission to download files from the Jenkins master they should not have access to. On...
CVE-2018-6356
Jenkins before 2.107 and Jenkins LTS before 2.89.4 did not properly prevent specifying relative paths that escape a base directory for URLs accessing plugin resource files. This allowed users with Overall/Read permission to download files from the Jenkins master they should not have access to. On...
CVE-2018-6356
Jenkins before 2.107 and Jenkins LTS before 2.89.4 fail to block relative paths that escape the plugin resource directory, allowing users with Overall/Read to download files from the Jenkins master. On Windows, any file accessible to the master could be downloaded; on other OSes, any file under t...
Jenkins < 2.107 and < 2.89.4 LTS Multiple Vulnerabilities - Windows
Jenkins is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:jenkins:jenkins"; ifdescription...