Lucene search
K

4 matches found

Snyk
Snyk
added 2022/05/17 3:53 a.m.1 views

Cross-site Scripting (XSS)

Overview org.jenkins-ci:winstone is a command line wrapper around Jetty. Affected versions of this package are vulnerable to Cross-site Scripting XSS via error messages. An attacker can inject arbitrary web script or HTML by crafting malicious input that triggers these error messages. Details...

3.7CVSS5.3AI score0.01277EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2020/08/18 9:55 a.m.4 views

Critical Jenkins Server Vulnerability Could Leak Sensitive Information

Jenkins—a popular open-source automation server software—published an advisory on Monday concerning a critical vulnerability in the Jetty web server that could result in memory corruption and cause confidential information to be disclosed. Tracked as CVE-2019-17638, the flaw has a CVSS rating of...

9.4CVSS7.5AI score0.11138EPSS
Exploits0
OpenVAS
OpenVAS
added 2015/01/05 12:0 a.m.18 views

Fedora Update for jenkins-winstone FEDORA-2014-15776

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedora
added 2014/12/06 10:55 a.m.10 views

[SECURITY] Fedora 21 Update: jenkins-winstone-2.8-1.fc21

Winstone is a servlet container that was written out of a desire to provide servlet functionality without the bloat that full J2EE compliance introduces...

2.9AI score
Exploits0
Rows per page
Query Builder