Jenkins Sidepanel Unauthorized Agent/Queue Exposure
Jenkins versions prior to 2.582 and prior to LTS 2.516.3 are affected by a lack of permission check for the authenticated user profile dropdown menu. A remote and unauthenticated attacker can obtain limited information about the Jenkins configuration agent and builds. No source data...
EUVD-2025-29722
Malicious code in bioql PyPI...
CVE-2025-59475
Jenkins 2.527 and earlier, LTS 2.516.2 and earlier does not perform a permission check for the authenticated user profile dropdown menu, allowing attackers without Overall/Read permission to obtain limited information about the Jenkins configuration by listing available options in this menu e.g.,...
PT-2025-38152
Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.527 and earlier; Jenkins LTS versions 2.516.2 and earlier
Description: Jenkins does not perform a permission check for the authenticated user profile dropdown menu. This allows attackers without Overall/Read permission to obta...