11 matches found
CVE-2022-36892
Jenkins rhnpush-plugin Plugin 0.5.1 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace...
Jenkins rhnpush-plugin does not perform a permission check in a method implementing form validation
Jenkins rhnpush-plugin Plugin 0.5.1 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace...
GHSA-W8GX-4R6W-3RX9 Jenkins rhnpush-plugin does not perform a permission check in a method implementing form validation
Jenkins rhnpush-plugin Plugin 0.5.1 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace...
CVE-2022-36892
Jenkins rhnpush-plugin Plugin 0.5.1 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace...
CVE-2022-36892
Jenkins rhnpush-plugin Plugin 0.5.1 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace...
CVE-2022-36892
Jenkins rhnpush-plugin Plugin 0.5.1 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace...
CVE-2022-36892
Jenkins rhnpush-plugin Plugin 0.5.1 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace...
CVE-2022-36892
CVE-2022-36892 affects Jenkins rhnpush-plugin up to version 0.5.1. The issue is missing a permission check in the form validation path, allowing users with Item/Read but without Item/Workspace or Item/Configure to determine if attacker-specified file patterns match workspace contents. The vulnera...
Jenkins rhnpush-plugin Plugin 安全漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
PT-2022-4035 · Jenkins · Jenkins Rhnpush-Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins rhnpush-plugin Plugin versions 0.5.1 and earlier Description: The issue is related to insufficient authorization procedures in the Jenkins rhnpush-plugin. This allows attackers with Item/Read permission but without Item/Workspace or...
rhn-tools:1.0 bug fix and enhancement update
An update is available for osad, spacewalk-abrt, rhn-custom-info, rhncfg, spacewalk-koan, spacewalk-oscap, spacewalk-backend, rhn-virtualization, spacewalk-usix, rhnpush, spacewalk-client-cert, cobbler, spacewalk-remote-utils. This update affects Rocky Linux 8. A Common Vulnerability Scoring Syst...