5 matches found
PT-2026-2799
Name of the Vulnerable Software and Affected Versions Hono versions prior to 4.11.4 Description Hono’s JWT verification middleware had a flaw where the algorithm specified in the JWT header could influence signature verification, even when the selected JWK did not explicitly define an algorithm...
PT-2025-53083
Name of the Vulnerable Software and Affected Versions Real 3D FlipBook versions through 4.11.4 Description The Real 3D FlipBook plugin contains a flaw due to improper neutralization of input during web page generation, leading to a Stored Cross-site Scripting XSS condition. This allows an attacke...
GHSA-V878-67XW-GRW2 Lack of authentication mechanism in Jenkins Git Plugin webhook
Git Plugin provides a webhook endpoint at /git/notifyCommit that can be used to notify Jenkins of changes to an SCM repository. For its most basic functionality, this endpoint receives a repository URL, and Jenkins will schedule polling for all jobs configured with the specified repository. In Gi...
GHSA-449W-C77C-VMF6 Lack of authentication mechanism in Jenkins Git Plugin webhook
Git Plugin provides a webhook endpoint at /git/notifyCommit that can be used to notify Jenkins of changes to an SCM repository. For its most basic functionality, this endpoint receives a repository URL, and Jenkins will schedule polling for all jobs configured with the specified repository. In Gi...
DEBIAN-CVE-2017-18221
The munlockpagevec function in mm/mlock.c in the Linux kernel before 4.11.4 allows local users to cause a denial of service NRMLOCK accounting corruption via crafted use of mlockall and munlockall system calls...