10 matches found
CVE-2022-36892
Jenkins rhnpush-plugin Plugin 0.5.1 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace...
Jenkins rhnpush-plugin does not perform a permission check in a method implementing form validation
Jenkins rhnpush-plugin Plugin 0.5.1 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace...
GHSA-W8GX-4R6W-3RX9 Jenkins rhnpush-plugin does not perform a permission check in a method implementing form validation
Jenkins rhnpush-plugin Plugin 0.5.1 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace...
CVE-2022-36892
Jenkins rhnpush-plugin Plugin 0.5.1 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace...
CVE-2022-36892
Jenkins rhnpush-plugin Plugin 0.5.1 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace...
CVE-2022-36892
Jenkins rhnpush-plugin Plugin 0.5.1 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace...
CVE-2022-36892
Jenkins rhnpush-plugin Plugin 0.5.1 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace...
CVE-2022-36892
CVE-2022-36892 affects Jenkins rhnpush-plugin up to version 0.5.1. The issue is missing a permission check in the form validation path, allowing users with Item/Read but without Item/Workspace or Item/Configure to determine if attacker-specified file patterns match workspace contents. The vulnera...
Jenkins rhnpush-plugin Plugin 安全漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
PT-2022-4035 · Jenkins · Jenkins Rhnpush-Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins rhnpush-plugin Plugin versions 0.5.1 and earlier Description: The issue is related to insufficient authorization procedures in the Jenkins rhnpush-plugin. This allows attackers with Item/Read permission but without Item/Workspace or...