Lucene search
K

5470 matches found

OSV
OSV
added 2025/03/07 8:55 p.m.8 views

BIT-JENKINS-2025-27623

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of views via REST API or CLI, allowing attackers with View/Read permission to view encrypted values of secrets...

4.3CVSS6.5AI score0.00298EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2025/03/07 3:31 p.m.3 views

Security update for pcr-oracle, shim

This update for pcr-oracle, shim fixes the following issues: pcr-oracle: predict SbatLevelRT for the next boot bsc1230316 shim was updated to version 15.8: Update shim-install to use the 'removable' way for encrypted SL-Micro images bsc1230316 Always use the removable way for SL-Micro Limit the...

7.1CVSS7.5AI score0.04852EPSS
Exploits0References26
RedhatCVE
RedhatCVE
added 2025/03/06 5:48 a.m.7 views

CVE-2025-27623

A flaw was found in Jenkins. Affected versions of Jenkins do not redact encrypted values of secrets when accessing the config.xml of views via REST API or CLI. This flaw allows attackers with view/read permission to view encrypted values of secrets...

4.3CVSS6.7AI score0.00298EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/03/06 12:31 a.m.14 views

Jenkins reveals encrypted values of secrets stored in agent configuration to users with Agent/Extended Read permission

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of agents via REST API or CLI. This allows attackers with Agent/Extended Read permission to view encrypted values of secrets. Jenkins 2.500, LTS 2.492.2 redacts the encrypted...

4.3CVSS6.7AI score0.00684EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/03/06 12:31 a.m.3 views

GHSA-RFH6-9R2Q-98VF Jenkins reveals encrypted values of secrets stored in agent configuration to users with Agent/Extended Read permission

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of views via REST API or CLI. This allows attackers with View/Read permission to view encrypted values of secrets. Jenkins 2.500, LTS 2.492.2 redacts the encrypted values of...

4.3CVSS7.2AI score0.00298EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/03/06 12:31 a.m.14 views

Jenkins reveals encrypted values of secrets stored in agent configuration to users with Agent/Extended Read permission

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of views via REST API or CLI. This allows attackers with View/Read permission to view encrypted values of secrets. Jenkins 2.500, LTS 2.492.2 redacts the encrypted values of...

4.3CVSS6.7AI score0.00298EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/03/06 12:31 a.m.4 views

GHSA-P34J-R3CH-C985 Jenkins reveals encrypted values of secrets stored in agent configuration to users with Agent/Extended Read permission

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of agents via REST API or CLI. This allows attackers with Agent/Extended Read permission to view encrypted values of secrets. Jenkins 2.500, LTS 2.492.2 redacts the encrypted...

4.3CVSS6.9AI score0.00684EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2025/03/05 11:15 p.m.4 views

CVE-2025-27623

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of views via REST API or CLI, allowing attackers with View/Read permission to view encrypted values of secrets...

4.3CVSS7.1AI score0.00298EPSS
Exploits0References1
NVD
NVD
added 2025/03/05 11:15 p.m.13 views

CVE-2025-27623

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of views via REST API or CLI, allowing attackers with View/Read permission to view encrypted values of secrets...

4.3CVSS0.00298EPSS
Exploits0References1
OSV
OSV
added 2025/03/05 11:15 p.m.4 views

CVE-2025-27623

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of views via REST API or CLI, allowing attackers with View/Read permission to view encrypted values of secrets...

4.3CVSS6.9AI score
Exploits0References1
AlpineLinux
AlpineLinux
added 2025/03/05 11:15 p.m.7 views

CVE-2025-27622

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of agents via REST API or CLI, allowing attackers with Agent/Extended Read permission to view encrypted values of secrets...

4.3CVSS7.1AI score0.00684EPSS
Exploits0References1
NVD
NVD
added 2025/03/05 11:15 p.m.15 views

CVE-2025-27622

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of agents via REST API or CLI, allowing attackers with Agent/Extended Read permission to view encrypted values of secrets...

4.3CVSS0.00684EPSS
Exploits0References1
OSV
OSV
added 2025/03/05 11:15 p.m.4 views

CVE-2025-27622

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of agents via REST API or CLI, allowing attackers with Agent/Extended Read permission to view encrypted values of secrets...

4.3CVSS6.9AI score
Exploits0References1
Cvelist
Cvelist
added 2025/03/05 10:33 p.m.12 views

CVE-2025-27623

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of views via REST API or CLI, allowing attackers with View/Read permission to view encrypted values of secrets...

0.00298EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/05 10:33 p.m.8 views

CVE-2025-27623

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of views via REST API or CLI, allowing attackers with View/Read permission to view encrypted values of secrets...

7AI score0.00298EPSS
Exploits0References1
CVE
CVE
added 2025/03/05 10:33 p.m.136 views

CVE-2025-27623

Jenkins security issue CVE-2025-27623 affects Jenkins versions 2.499 and earlier and LTS 2.492.1 and earlier. The root cause is an encryption handling flaw that fails to redact encrypted secret values in view configuration when accessed via REST/CLI through config.xml, enabling users with View/Re...

4.3CVSS7AI score0.00298EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/03/05 10:33 p.m.15 views

CVE-2025-27622

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of agents via REST API or CLI, allowing attackers with Agent/Extended Read permission to view encrypted values of secrets...

0.00684EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/05 10:33 p.m.7 views

CVE-2025-27622

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of agents via REST API or CLI, allowing attackers with Agent/Extended Read permission to view encrypted values of secrets...

7AI score0.00684EPSS
Exploits0References1
CVE
CVE
added 2025/03/05 10:33 p.m.185 views

CVE-2025-27622

CVE-2025-27622 affects Jenkins 2.499 and earlier, and LTS 2.492.1 and earlier, where encrypted values of secrets stored in agent configuration (config.xml) are not redacted when accessed via REST API or CLI. An attacker with Agent/Extended Read permission can view these encrypted secret values. T...

4.3CVSS7AI score0.00684EPSS
Exploits0References1Affected Software1
Fedora
Fedora
added 2025/03/05 1:15 a.m.7 views

[SECURITY] Fedora 41 Update: fscrypt-0.3.5-2.fc41

fscrypt is a high-level tool for the management of Linux filesystem encryptio n. This tool manages metadata, key generation, key wrapping, PAM integration, and provides a uniform interface for creating and modifying encrypted directories...

7.3AI score
Exploits0
Rows per page
Query Builder