5470 matches found
BIT-JENKINS-2025-27623
Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of views via REST API or CLI, allowing attackers with View/Read permission to view encrypted values of secrets...
Security update for pcr-oracle, shim
This update for pcr-oracle, shim fixes the following issues: pcr-oracle: predict SbatLevelRT for the next boot bsc1230316 shim was updated to version 15.8: Update shim-install to use the 'removable' way for encrypted SL-Micro images bsc1230316 Always use the removable way for SL-Micro Limit the...
CVE-2025-27623
A flaw was found in Jenkins. Affected versions of Jenkins do not redact encrypted values of secrets when accessing the config.xml of views via REST API or CLI. This flaw allows attackers with view/read permission to view encrypted values of secrets...
Jenkins reveals encrypted values of secrets stored in agent configuration to users with Agent/Extended Read permission
Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of agents via REST API or CLI. This allows attackers with Agent/Extended Read permission to view encrypted values of secrets. Jenkins 2.500, LTS 2.492.2 redacts the encrypted...
GHSA-RFH6-9R2Q-98VF Jenkins reveals encrypted values of secrets stored in agent configuration to users with Agent/Extended Read permission
Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of views via REST API or CLI. This allows attackers with View/Read permission to view encrypted values of secrets. Jenkins 2.500, LTS 2.492.2 redacts the encrypted values of...
Jenkins reveals encrypted values of secrets stored in agent configuration to users with Agent/Extended Read permission
Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of views via REST API or CLI. This allows attackers with View/Read permission to view encrypted values of secrets. Jenkins 2.500, LTS 2.492.2 redacts the encrypted values of...
GHSA-P34J-R3CH-C985 Jenkins reveals encrypted values of secrets stored in agent configuration to users with Agent/Extended Read permission
Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of agents via REST API or CLI. This allows attackers with Agent/Extended Read permission to view encrypted values of secrets. Jenkins 2.500, LTS 2.492.2 redacts the encrypted...
CVE-2025-27623
Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of views via REST API or CLI, allowing attackers with View/Read permission to view encrypted values of secrets...
CVE-2025-27623
Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of views via REST API or CLI, allowing attackers with View/Read permission to view encrypted values of secrets...
CVE-2025-27623
Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of views via REST API or CLI, allowing attackers with View/Read permission to view encrypted values of secrets...
CVE-2025-27622
Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of agents via REST API or CLI, allowing attackers with Agent/Extended Read permission to view encrypted values of secrets...
CVE-2025-27622
Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of agents via REST API or CLI, allowing attackers with Agent/Extended Read permission to view encrypted values of secrets...
CVE-2025-27622
Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of agents via REST API or CLI, allowing attackers with Agent/Extended Read permission to view encrypted values of secrets...
CVE-2025-27623
Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of views via REST API or CLI, allowing attackers with View/Read permission to view encrypted values of secrets...
CVE-2025-27623
Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of views via REST API or CLI, allowing attackers with View/Read permission to view encrypted values of secrets...
CVE-2025-27623
Jenkins security issue CVE-2025-27623 affects Jenkins versions 2.499 and earlier and LTS 2.492.1 and earlier. The root cause is an encryption handling flaw that fails to redact encrypted secret values in view configuration when accessed via REST/CLI through config.xml, enabling users with View/Re...
CVE-2025-27622
Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of agents via REST API or CLI, allowing attackers with Agent/Extended Read permission to view encrypted values of secrets...
CVE-2025-27622
Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of agents via REST API or CLI, allowing attackers with Agent/Extended Read permission to view encrypted values of secrets...
CVE-2025-27622
CVE-2025-27622 affects Jenkins 2.499 and earlier, and LTS 2.492.1 and earlier, where encrypted values of secrets stored in agent configuration (config.xml) are not redacted when accessed via REST API or CLI. An attacker with Agent/Extended Read permission can view these encrypted secret values. T...
[SECURITY] Fedora 41 Update: fscrypt-0.3.5-2.fc41
fscrypt is a high-level tool for the management of Linux filesystem encryptio n. This tool manages metadata, key generation, key wrapping, PAM integration, and provides a uniform interface for creating and modifying encrypted directories...