12 matches found
RHEL 8 : Jenkins and Jenkins-2-plugins (RHSA-2024:0778)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0778 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...
RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2023:3195)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3195 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...
RHEL 8 : Red Hat Product OCP Tools 4.13 OpenShift Jenkins (RHSA-2023:6179)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6179 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...
RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2024:0777)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0777 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...
RHEL 8 : Red Hat Product OCP Tools 4.14 Openshift Jenkins (RHSA-2023:7288)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7288 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...
RHCOS 4 : OpenShift Container Platform 4.10.58 (RHSA-2023:1866)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1866 advisory. - jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin CVE-2023-25761 - jenkins-2-plugins/pipeline-build-step: Stored X...
Critical: Red Hat Security Advisory: Red Hat Product OCP Tools 4.13 OpenShift Jenkins security update
An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.13. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Critical: Red Hat Security Advisory: Red Hat Product OCP Tools 4.11 Openshift Jenkins security update
An update for Openshift Jenkins is now available for Red Hat Product OCP Tools 4.11. Red Hat Product Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: jenkins and jenkins-2-plugins security update
An update for jenkins and jenkins-2-plugins is now available for OpenShift Developer Tools and Services for OCP 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.10.58 security update
Red Hat OpenShift Container Platform release 4.10.58 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a...
org.jenkins-ci.plugins.workflow:workflow-aggregator (>=2.0 <=2.2), org.jenkins-ci.plugins:token-macro (=2.2) +1 more potentially affected by CVE-2023-25762 via org.jenkins-ci.plugins:pipeline-build-step (>=2.0 <=2.1)
org.jenkins-ci.plugins:pipeline-build-step MAVEN version =2.0, =2.0, =1.0.0, =1.0.8 Source cves: CVE-2023-25762 Source advisory: OSV:GHSA-9J65-3F2Q-8Q2R...
CVE-2023-25762
CVE-2023-25762 affects Jenkins Pipeline: Build Step Plugin 2.18 and earlier. The root cause is failure to escape job names in a JavaScript expression used by the Pipeline Snippet Generator, enabling a stored XSS vulnerability exploitable by attackers who can control job names. The provided docume...