8 matches found
RHCOS 4 : OpenShift Container Platform 4.7.11 (RHSA-2021:1551)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1551 advisory. - golang: math/big: panic during recursive division of very large numbers CVE-2020-28362 - golang: crypto/elliptic: incorrect...
Jenkins < 2.287, < 2.277.2 LTS Multiple Vulnerabilities - Windows
Jenkins is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Jenkins < 2.287, < 2.277.2 LTS Multiple Vulnerabilities - Linux
Jenkins is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.8.2 packages and security update
Red Hat OpenShift Container Platform release 4.8.2 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.8. Red Hat Product Security has rated this update as having a security impact of...
FreeBSD : jenkins -- multiple vulnerabilities (9595d002-edeb-4602-be2d-791cd654247e)
Jenkins Security Advisory : DescriptionLow SECURITY-1721 / CVE-2021-21639 Lack of type validation in agent related REST API Medium SECURITY-1871 / CVE-2021-21640 View name validation bypass C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
CVE-2021-21640
Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not properly check that a newly created view has an allowed name, allowing attackers with View/Create permission to create views with invalid or already-used names...
CVE-2021-21640
CVE-2021-21640 affects Jenkins 2.286 and earlier, and LTS 2.277.1 and earlier. The vulnerability is a view name validation bypass: when creating a new view, the submitted name is not consistently validated, allowing attackers with View/Create permission to create views with invalid or already-use...
CVE-2021-21640
Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not properly check that a newly created view has an allowed name, allowing attackers with View/Create permission to create views with invalid or already-used names...