Lucene search
+L

6 matches found

vulnersOsv
vulnersOsv
added 2022/05/24 4:50 p.m.3 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1574 more potentially affected by CVE-2019-10354 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.17)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2019-10354 Source advisory: OSV:GHSA-6JFC-MC97-C7WG...

4.3CVSS6.7AI score0.01647EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/08/20 12:0 a.m.41 views

RHEL 7 : OpenShift Container Platform 3.11 jenkins (RHSA-2019:2503)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:2503 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...

7.5CVSS6.4AI score0.10225EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2019/07/26 12:0 a.m.40 views

Jenkins < 2.176.2 LTS / 2.186 Multiple Vulnerabilities

The version of Jenkins running on the remote web server is prior to 2.186 or is a version of Jenkins LTS prior to 2.176.2. It is, therefore, affected by multiple vulnerabilities: - An arbitrary file write vulnerability exists due to an incomplete fix for SECURITY-1074, the improper validation of...

7.5CVSS6.4AI score0.10225EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2019/07/19 12:0 a.m.31 views

FreeBSD : jenkins -- multiple vulnerabilities (df3db21d-1a4d-4c78-acf7-4639e5a795e0)

Jenkins Security Advisory : DescriptionMedium SECURITY-1424 / CVE-2019-10352 Arbitrary file write vulnerability using file parameter definitions High SECURITY-626 / CVE-2019-10353 CSRF protection tokens did not expire Medium SECURITY-534 / CVE-2019-10354 Unauthorized view fragment access C Tenabl...

7.5CVSS6AI score0.10225EPSS
Exploits1References6
OSV
OSV
added 2019/07/17 4:15 p.m.20 views

CVE-2019-10354

A vulnerability in the Stapler web framework used in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier allowed attackers to access view fragments directly, bypassing permission checks and possibly obtain sensitive information...

4.3CVSS6.4AI score
Exploits0References5
CVE
CVE
added 2019/07/17 3:45 p.m.126 views

CVE-2019-10354

This CVE affects Jenkins: the Stapler web framework used by Jenkins up to 2.185 (and LTS up to 2.176.1) permits an authenticated attacker to directly access view fragments, bypassing permission checks and potentially exposing sensitive information. The underlying issue is improper access control ...

4.3CVSS4.3AI score0.01647EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder