Lucene search
K

7 matches found

vulnersOsv
vulnersOsv
added 2022/05/24 4:50 p.m.7 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1574 more potentially affected by CVE-2019-10352 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.17)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2019-10352 Source advisory: OSV:GHSA-QR42-82QJ-MW65...

6.5CVSS6.7AI score0.10225EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2020/03/18 5:12 a.m.31 views

CVE-2019-10352

A path traversal vulnerability in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier in core/src/main/java/hudson/model/FileParameterValue.java allowed attackers with Job/Configure permission to define a file parameter with a file name outside the intended directory, resulting in an arbitrary fil...

6.5CVSS4AI score0.10225EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2019/08/20 12:0 a.m.40 views

RHEL 7 : OpenShift Container Platform 3.11 jenkins (RHSA-2019:2503)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:2503 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

7.5CVSS6.4AI score0.10225EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2019/07/26 12:0 a.m.37 views

Jenkins < 2.176.2 LTS / 2.186 Multiple Vulnerabilities

The version of Jenkins running on the remote web server is prior to 2.186 or is a version of Jenkins LTS prior to 2.176.2. It is, therefore, affected by multiple vulnerabilities: - An arbitrary file write vulnerability exists due to an incomplete fix for SECURITY-1074, the improper validation of...

7.5CVSS6.4AI score0.10225EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2019/07/19 12:0 a.m.30 views

FreeBSD : jenkins -- multiple vulnerabilities (df3db21d-1a4d-4c78-acf7-4639e5a795e0)

Jenkins Security Advisory : DescriptionMedium SECURITY-1424 / CVE-2019-10352 Arbitrary file write vulnerability using file parameter definitions High SECURITY-626 / CVE-2019-10353 CSRF protection tokens did not expire Medium SECURITY-534 / CVE-2019-10354 Unauthorized view fragment access C Tenabl...

7.5CVSS6AI score0.10225EPSS
Exploits1References6
NVD
NVD
added 2019/07/17 4:15 p.m.13 views

CVE-2019-10352

A path traversal vulnerability in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier in core/src/main/java/hudson/model/FileParameterValue.java allowed attackers with Job/Configure permission to define a file parameter with a file name outside the intended directory, resulting in an arbitrary fil...

6.5CVSS5AI score0.10225EPSS
Exploits1References6
CVE
CVE
added 2019/07/17 3:45 p.m.108 views

CVE-2019-10352

CVE-2019-10352 describes a path-traversal flaw in Jenkins core up to version 2.185 and LTS up to 2.176.1, in FileParameterValue.java, allowing attackers with Job/Configure permission to define a file parameter whose name escapes the intended directory. This can lead to arbitrary file writes on th...

6.5CVSS5.1AI score0.10225EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder