EUVD-2022-3431

Malicious code in bioql PyPI...

BIT-JENKINS-2021-21670

Jenkins LTS 2.289.1 and earlier allows users to cancel queue items and abort builds of jobs for which they have Item/Cancel permission even when they do not have Item/Read permission...

GHSA-Q4WP-8C99-69PW Improper permission checks allow canceling queue items and aborting builds in Jenkins

Jenkins 2.299 and earlier, LTS 2.289.1 and earlier allows users to cancel queue items and abort builds of jobs for which they have Item/Cancel permission even when they do not have Item/Read permission. Jenkins 2.300, LTS 2.289.2 requires that users have Item/Read permission for applicable types ...

Improper permission checks allow canceling queue items and aborting builds in Jenkins

Jenkins 2.299 and earlier, LTS 2.289.1 and earlier allows users to cancel queue items and abort builds of jobs for which they have Item/Cancel permission even when they do not have Item/Read permission. Jenkins 2.300, LTS 2.289.2 requires that users have Item/Read permission for applicable types ...

jenkins: improper permission checks allow canceling queue items and aborting builds

Incorrect Authorization vulnerability was found in Jenkins. Users with Item/Cancel permission are able to cancel queue items and abort builds of jobs even when they do not have Item/Read permission...

jenkins: improper permission checks allow canceling queue items and aborting builds

Incorrect Authorization vulnerability was found in Jenkins. Users with Item/Cancel permission are able to cancel queue items and abort builds of jobs even when they do not have Item/Read permission...

jenkins: improper permission checks allow canceling queue items and aborting builds

Incorrect Authorization vulnerability was found in Jenkins. Users with Item/Cancel permission are able to cancel queue items and abort builds of jobs even when they do not have Item/Read permission...

FreeBSD : jenkins -- multiple vulnerabilities (9d271bab-da22-11eb-86f0-94c691a700a6)

Jenkins Security Advisory : DescriptionMedium SECURITY-2278 / CVE-2021-21670 Improper permission checks allow canceling queue items and aborting builds High SECURITY-2371 / CVE-2021-21671 Session fixation vulnerability %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

CVE-2021-21670

Jenkins 2.299 and earlier, LTS 2.289.1 and earlier allows users to cancel queue items and abort builds of jobs for which they have Item/Cancel permission even when they do not have Item/Read permission...

Cross site scripting

Jenkins 2.196 and earlier, LTS 2.176.3 and earlier did not escape the reason why a queue items is blcoked in tooltips, resulting in a stored XSS vulnerability exploitable by users able to control parts of the reason a queue item is blocked, such as label expressions not matching any idle executor...

CVE-2019-10404

Jenkins 2.196 and earlier, LTS 2.176.3 and earlier did not escape the reason why a queue items is blcoked in tooltips, resulting in a stored XSS vulnerability exploitable by users able to control parts of the reason a queue item is blocked, such as label expressions not matching any idle executor...