13 matches found
RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2023:3198)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3198 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...
RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2023:3195)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3195 advisory. Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by cro...
Critical: Red Hat Security Advisory: Red Hat Product OCP Tools 4.11 Openshift Jenkins security update
An update for Openshift Jenkins is now available for Red Hat Product OCP Tools 4.11. Red Hat Product Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Critical: Red Hat Security Advisory: OpenShift Container Platform 4.10.56 security update
Red Hat OpenShift Container Platform release 4.10.56 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1602 more potentially affected by CVE-2023-27903 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.37)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2023-27903 Source advisory: OSV:GHSA-584M-7R4M-8J6V...
CVE-2023-27903
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions for newly created files when uploading a file parameter through the CLI, potentially allowing attackers with access to the Jenkins controller file system to...
CVE-2023-27903 vulnerabilities
Vulnerabilities for packages: jenkins...
CVE-2023-27903 vulnerabilities
Vulnerabilities for packages: jenkins...
Jenkins < 2.375.4 (LTS), < 2.394 Multiple Vulnerabilities - Windows
Jenkins is prone to multiple vulnerabilities. Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2023-27903
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions for newly created files when uploading a file parameter through the CLI, potentially allowing attackers with access to the Jenkins controller file system to...
CVE-2023-27903
CVE-2023-27903 affects Jenkins/Jenkins-2-plugins. The connected documents describe it as "Temporary file parameter created with insecure permissions", enabling a local attacker with access to the controller’s filesystem to read/write the temporary file before it is used. Red Hat advisories (RHSA-...
CVE-2023-27903
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions for newly created files when uploading a file parameter through the CLI, potentially allowing attackers with access to the Jenkins controller file system to...
jenkins -- multiple vulnerabilities
Jenkins Security Advisory: Description High SECURITY-3037 / CVE-2023-27898 XSS vulnerability in plugin manager Medium SECURITY-3030 / CVE-2023-24998 upstream issue, CVE-2023-27900 MultipartFormDataParser, CVE-2023-27901 StaplerRequest DoS vulnerability in bundled Apache Commons FileUpload library...