PT-2022-20402 · Jenkins · Jenkins Mercurial Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Mercurial Plugin versions 2.16 and earlier
Description: The issue allows attackers who can configure pipelines to check out some SCM repositories stored on the Jenkins controller's file system using local paths as SCM URLs. This enabl...
Koji blacklisted paths workaround
Koji 1.13.0 does not properly validate SCM paths, allowing an attacker to work around blacklisted paths for build submission...
CVE-2017-1002153
Koji 1.13.0 contains a flaw where SCM paths are not properly validated, allowing an attacker to bypass the blacklisted paths during build submission. This is CVE-2017-1002153. The connected sources specify the root cause (improper SCM path validation) and the affected version, with no remediation...