3856 matches found

Positive Technologies
added 2023/08/25 12:0 a.m. · 3 views

PT-2023-24003 · Unknown · E-Excellence U-Office Force

Name of the Vulnerable Software and Affected Versions: e-Excellence U-Office Force (affected versions not specified)

Description: An unauthenticated remote attacker can obtain partial sensitive system information from an error message by sending a crafted command to the website service of...

CVSS 5.3 · AI score 5.2 · EPSS 0.00479
Exploits: 0 · References: 4

Github Security Blog
added 2023/08/22 12:31 a.m. · 20 views

Jenkins Fortify Plugin HTML injection vulnerability

Jenkins Fortify Plugin 22.1.38 and earlier does not escape the error message for a form validation method. This results in an HTML injection vulnerability. Fortify Plugin 22.2.39 removes HTML tags from the error message...

CVSS 6.1 · AI score 7.1 · EPSS 0.00411
Exploits: 0 · References: 4 · Affected Software: 1

Citrix
added 2023/08/22 12:0 a.m. · 13 views

Citrix Cloud Error: "Invalid username, password or token"

A user cannot login to Citrix Workspace and receives the following error message: “Invalid username, password or token” when logging in...

AI score 7.2
Exploits: 0

Citrix
added 2023/08/22 12:0 a.m. · 7 views

“The X request 130.1 caused error:” appears when try to change session window mode.

Issue occurs when switching between full screen and windowed mode. Error Message: “The X request 130.1 caused error:”10: BadAccessAttempt to access private resource denied”...

AI score 7.1
Exploits: 0

AlpineLinux
added 2023/08/21 10:34 p.m. · 24 views

CVE-2023-4303

Jenkins Fortify Plugin 22.1.38 and earlier does not escape the error message for a form validation method, resulting in an HTML injection vulnerability...

CVSS 6.1 · AI score 7.2 · EPSS 0.00411
Exploits: 0 · References: 1

Positive Technologies
added 2023/08/21 12:0 a.m. · 3 views

PT-2023-6025 · Jenkins · Jenkins Fortify Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Fortify Plugin versions 22.1.38 and earlier

Description: The issue is related to the failure to protect the web page structure, allowing a remote attacker to perform an HTML injection. This occurs because the error message for a form...

CVSS 6.4 · AI score 6.5 · EPSS 0.00411
Exploits: 0 · References: 9

Citrix
added 2023/08/20 12:0 a.m. · 7 views

Add Machine fails with "Currently there are no machines available in a compatible machine catalog"

VDAs from the newly created Machine catalog cannot be added to an existing Delivery group. The error message is: "Currently there are no machines available in a compatible machine catalog."...

AI score 7
Exploits: 0

Citrix
added 2023/08/18 12:0 a.m. · 6 views

ADM HA "Not valid password or incorrect host IP or the host is unable to respond the the request"

When adding the primary ADM on the secondary ADM, the customer encountered the following error: "Not valid password or incorrect host IP or the host is unable to respond to the request."...

AI score 7.3
Exploits: 0

Citrix
added 2023/08/18 12:0 a.m. · 7 views

App Layering - Unable to publish the image - disk space is full

App Layering - Unable to publish the images; fails with a "disk space is full" error message. Error: A failure occurred while publishing the Layered Image: An error occurred while compositing the layer or image. Please check the available disk space on the local storage or the size of the target image...

AI score 6.9
Exploits: 0

Citrix
added 2023/08/18 12:0 a.m. · 11 views

App Layer creation Fails with "A socket operation was attempted to an unreachable network"

App Layer creation Fails with "A socket operation was attempted to an unreachable network :65530"...

AI score 7.1
Exploits: 0

Cvelist
added 2023/08/17 9:19 p.m. · 16 views

CVE-2023-40171 Dispatch writes JWT tokens in error message

Dispatch is an open source security incident management tool. The server response includes the JWT Secret Key used for signing JWT tokens in error message when the Dispatch Plugin - Basic Authentication Provider plugin encounters an error when attempting to decode a JWT token. Any Dispatch users...

CVSS 9.1 · AI score 9.4 · EPSS 0.00758
Exploits: 1 · References: 4

RedhatCVE
added 2023/08/17 7:19 a.m. · 44 views

CVE-2023-40338

A flaw was found in the Jenkins Folders plugin. Affected versions of this plugin display an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available. This flaw exposes information about the Jenkins controller fi...

CVSS 4.3 · AI score 6.5 · EPSS 0.00533
Exploits: 0 · References: 4

OSV
added 2023/08/16 3:30 p.m. · 24 views

GHSA-36HQ-V2FC-RPQP Jenkins Folders Plugin information disclosure vulnerability

Jenkins Folders Plugin displays an error message when attempting to access the Scan Organization Folder Log if no logs are available. In Folders Plugin 6.846.v23698686f0f6 and earlier, this error message includes the absolute path of a log file, exposing information about the Jenkins controller...

CVSS 4.3 · AI score 6.2 · EPSS 0.00533
Exploits: 0 · References: 3

NVD
added 2023/08/16 3:15 p.m. · 19 views

CVE-2023-40338

Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier displays an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available, exposing information about the Jenkins controller file system...

CVSS 4.3 · AI score 6.6 · EPSS 0.00533
Exploits: 0 · References: 2

Prion
added 2023/08/16 3:15 p.m. · 22 views

Design/Logic Flaw

Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier displays an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available, exposing information about the Jenkins controller file system...

CVSS 4 · AI score 7.4 · EPSS 0.00533
Exploits: 0 · References: 2 · Affected Software: 1

CVE
added 2023/08/16 2:32 p.m. · 389 views

CVE-2023-40338

Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier exposes the absolute path to a log file in the error message when accessing Scan Organization Folder Log without logs. This information disclosure vulnerability (CVE-2023-40338) has a confirmed fix in 6.848.ve3b_fd7839a_81 and newer; remediat...

CVSS 4.3 · AI score 4.2 · EPSS 0.00533
Exploits: 0 · References: 2 · Affected Software: 1

Cvelist
added 2023/08/16 2:32 p.m. · 23 views

CVE-2023-40338

Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier displays an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available, exposing information about the Jenkins controller file system...

AI score 5.1 · EPSS 0.00533
Exploits: 0 · References: 2

AlpineLinux
added 2023/08/16 2:32 p.m. · 25 views

CVE-2023-40338

Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier displays an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available, exposing information about the Jenkins controller file system...

CVSS 4.3 · AI score 6.7 · EPSS 0.00533
Exploits: 0 · References: 2

Citrix
added 2023/08/16 12:0 a.m. · 9 views

Cannot launch applications nor desktops at the second try in Citrix Workspace App

After adding the store to Workspace App, users can launch applications successfully for the first time. But when users exit the Workspace app and reopen it, they fail to launch applications on the second try. Error "Your apps are not available at this time" appears...

AI score 7
Exploits: 0

RedHat Linux
added 2023/08/15 5:37 p.m. · 3 views

curl: use after free in SSH sha256 fingerprint check

A use-after-free flaw was found in the Curl package. This flaw risks inserting sensitive heap-based data into the error message that users might see or is otherwise leaked and revealed...

CVSS 7.5 · AI score 7.3 · EPSS 0.02489
Exploits: 1 · References: 5