Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

RedHat Linux
RedHat Linuxadded 2021/12/02 6:37 p.m.2 views

jenkins: Agent-to-controller access control allowed writing to sensitive directory used by Pipeline: Shared Groovy Libraries Plugin

An incorrect permissions validation vulnerability was found in Jenkins. An agent process read/write access to the libs/ directory inside build directories when using the FilePath APIs is not limited. This allows attackers in control of agent processes to replace the code of a trusted library with...

9.8CVSS6.1AI score0.00954EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2021/12/01 12:28 p.m.2 views

jenkins: Agent-to-controller access control allowed writing to sensitive directory used by Pipeline: Shared Groovy Libraries Plugin

An incorrect permissions validation vulnerability was found in Jenkins. An agent process read/write access to the libs/ directory inside build directories when using the FilePath APIs is not limited. This allows attackers in control of agent processes to replace the code of a trusted library with...

9.8CVSS6.1AI score0.00954EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2021/11/30 9:11 a.m.2 views

jenkins: Agent-to-controller access control allowed writing to sensitive directory used by Pipeline: Shared Groovy Libraries Plugin

An incorrect permissions validation vulnerability was found in Jenkins. An agent process read/write access to the libs/ directory inside build directories when using the FilePath APIs is not limited. This allows attackers in control of agent processes to replace the code of a trusted library with...

9.8CVSS6.1AI score0.00954EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2021/11/29 10:40 a.m.2 views

jenkins: Agent-to-controller access control allowed writing to sensitive directory used by Pipeline: Shared Groovy Libraries Plugin

An incorrect permissions validation vulnerability was found in Jenkins. An agent process read/write access to the libs/ directory inside build directories when using the FilePath APIs is not limited. This allows attackers in control of agent processes to replace the code of a trusted library with...

9.8CVSS6.1AI score0.00954EPSS
Exploits0References5
CNVD
CNVDadded 2021/11/06 12:0 a.m.27 views

Jenkins Access Control Error Vulnerability (CNVD-2021-103366)

Jenkins is a Jenkins open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins has an access control error vulnerability in versions 2.318 and earlier and LTS 2.303 and earlier, which stems from the use of the FilePath AP...

9.8CVSS2.2AI score0.00954EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2021/11/04 12:0 a.m.2 views

PT-2021-4993 · Jenkins · Remoting Security Workaround Plugin +2

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.318 and earlier, LTS versions 2.303.2 and earlier Description: The issue is related to the implementation of the FilePath API in the Jenkins automation server, which does not limit agent read/write access to the libs/...

9.8CVSS9.4AI score0.00954EPSS
Exploits0References14
Rows per page
Query Builder