6 matches found
EUVD-2021-1317
Malware in sbrugna...
EUVD-2022-4773
Malicious code in bioql PyPI...
Jenkins plugins Multiple Vulnerabilities (2022-09-21)
According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Jenkins 2.367 through 2.369 both inclusive does not escape tooltips of the l:helpIcon UI component used for some help icons on the Jenkins...
CVE-2022-41233
Jenkins Rundeck Plugin 3.6.11 and earlier does not perform Run/Artifacts permission checks in multiple HTTP endpoints, allowing attackers with Item/Read permission to obtain information about build artifacts of a given job, if the optional Run/Artifacts permission is enabled...
GHSA-PHF8-3QGV-RG5Q Missing Authorization in Jenkins Blue Ocean Plugin
The optional Run/Artifacts permission can be enabled by setting a Java system property. Blue Ocean did not check this permission before providing access to archived artifacts, Item/Read permission was sufficient. Blue Ocean now correctly checks the Run/Artifacts permission if it’s enabled before...
CVE-2017-1000105
The optional Run/Artifacts permission can be enabled by setting a Java system property. Blue Ocean did not check this permission before providing access to archived artifacts, Item/Read permission was sufficient...