2 matches found
Jenkins Enterprise and Operations Center 2.303.x < 2.303.30.0.16 / 2.346.4.1 Multiple Vulnerabilities (CloudBees Security Advisory 2022-08-27)
The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.303.x prior to 2.303.30.0.16, or 2.x prior to 2.346.4.1. It is, therefore, affected by multiple vulnerabilities, including the following: - Loading specially-crafted yaml with the Kubernetes Java...
CVE-2022-38665
CVE-2022-38665 applies to Jenkins CollabNet Plugins Plugin 2.0.8 and earlier, where the RabbitMQ password is stored unencrypted in the plugin’s global configuration file on the Jenkins controller. This allows users with filesystem access to view the password. Red Hat, OSV, and Nessus records corr...