Lucene search
K

16 matches found

OSV
OSV
added 2026/06/12 8:43 a.m.6 views

BIT-JENKINS-2026-53438

A missing permission check in Jenkins 2.567 and earlier, LTS 2.555.2 and earlier allows attackers with Item/Cancel permission, but lacking Item/Read permission, to cancel queue items they do not have permission to view...

4.3CVSS5.4AI score0.00213EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/10 1:5 p.m.10 views

EUVD-2026-36022

A missing permission check in Jenkins 2.567 and earlier, LTS 2.555.2 and earlier allows attackers with Item/Cancel permission, but lacking Item/Read permission, to cancel queue items they do not have permission to view...

4.3CVSS5.5AI score0.00213EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/10 1:5 p.m.7 views

CVE-2026-53438

A missing permission check in Jenkins 2.567 and earlier, LTS 2.555.2 and earlier allows attackers with Item/Cancel permission, but lacking Item/Read permission, to cancel queue items they do not have permission to view...

5.5AI score0.00213EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/06/10 1:5 p.m.8 views

CVE-2026-53438

A missing permission check in Jenkins 2.567 and earlier, LTS 2.555.2 and earlier allows attackers with Item/Cancel permission, but lacking Item/Read permission, to cancel queue items they do not have permission to view...

4.3CVSS5.5AI score0.00213EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.18 views

Jenkins 安全漏洞

Jenkins is an open-source application developed by Jenkins Project. The open-source automation server Jenkins offers hundreds of plugins to support building, deploying, and automating any project. Jenkins versions 2.567 and earlier, as well as LTS 2.555.2 and earlier, have security vulnerabilitie...

4.3CVSS5.3AI score0.00213EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.15 views

EUVD-2022-3431

Malicious code in bioql PyPI...

5.4CVSS5.4AI score0.01033EPSS
Exploits0References7
OSV
OSV
added 2024/03/06 11:1 a.m.18 views

BIT-JENKINS-2021-21670

Jenkins LTS 2.289.1 and earlier allows users to cancel queue items and abort builds of jobs for which they have Item/Cancel permission even when they do not have Item/Read permission...

4.3CVSS5.6AI score0.01982EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/05/24 7:6 p.m.29 views

Improper permission checks allow canceling queue items and aborting builds in Jenkins

Jenkins 2.299 and earlier, LTS 2.289.1 and earlier allows users to cancel queue items and abort builds of jobs for which they have Item/Cancel permission even when they do not have Item/Read permission. Jenkins 2.300, LTS 2.289.2 requires that users have Item/Read permission for applicable types ...

4.3CVSS3.7AI score0.01982EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2022/05/24 7:6 p.m.4 views

GHSA-Q4WP-8C99-69PW Improper permission checks allow canceling queue items and aborting builds in Jenkins

Jenkins 2.299 and earlier, LTS 2.289.1 and earlier allows users to cancel queue items and abort builds of jobs for which they have Item/Cancel permission even when they do not have Item/Read permission. Jenkins 2.300, LTS 2.289.2 requires that users have Item/Read permission for applicable types ...

4.3CVSS5.9AI score0.01982EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/10/19 8:23 p.m.3 views

jenkins: improper permission checks allow canceling queue items and aborting builds

Incorrect Authorization vulnerability was found in Jenkins. Users with Item/Cancel permission are able to cancel queue items and abort builds of jobs even when they do not have Item/Read permission...

4.3CVSS5.7AI score0.01982EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/09/08 10:1 p.m.3 views

jenkins: improper permission checks allow canceling queue items and aborting builds

Incorrect Authorization vulnerability was found in Jenkins. Users with Item/Cancel permission are able to cancel queue items and abort builds of jobs even when they do not have Item/Read permission...

4.3CVSS5.7AI score0.01982EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/08/17 12:16 p.m.2 views

jenkins: improper permission checks allow canceling queue items and aborting builds

Incorrect Authorization vulnerability was found in Jenkins. Users with Item/Cancel permission are able to cancel queue items and abort builds of jobs even when they do not have Item/Read permission...

4.3CVSS5.7AI score0.01982EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/07/02 12:0 a.m.30 views

FreeBSD : jenkins -- multiple vulnerabilities (9d271bab-da22-11eb-86f0-94c691a700a6)

Jenkins Security Advisory : DescriptionMedium SECURITY-2278 / CVE-2021-21670 Improper permission checks allow canceling queue items and aborting builds High SECURITY-2371 / CVE-2021-21671 Session fixation vulnerability %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

7.5CVSS5.8AI score0.01982EPSS
Exploits0References4
Cvelist
Cvelist
added 2021/06/30 4:45 p.m.25 views

CVE-2021-21670

Jenkins 2.299 and earlier, LTS 2.289.1 and earlier allows users to cancel queue items and abort builds of jobs for which they have Item/Cancel permission even when they do not have Item/Read permission...

5.9AI score0.01982EPSS
Exploits0References2
Prion
Prion
added 2019/09/25 4:15 p.m.23 views

Cross site scripting

Jenkins 2.196 and earlier, LTS 2.176.3 and earlier did not escape the reason why a queue items is blcoked in tooltips, resulting in a stored XSS vulnerability exploitable by users able to control parts of the reason a queue item is blocked, such as label expressions not matching any idle executor...

3.5CVSS5.1AI score0.01033EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2019/09/25 3:5 p.m.37 views

CVE-2019-10404

Jenkins 2.196 and earlier, LTS 2.176.3 and earlier did not escape the reason why a queue items is blcoked in tooltips, resulting in a stored XSS vulnerability exploitable by users able to control parts of the reason a queue item is blocked, such as label expressions not matching any idle executor...

5.4CVSS5.2AI score0.01033EPSS
Exploits0
Rows per page
Query Builder