EUVD-2022-7082

Malicious code in bioql PyPI...

CVE-2022-43433

Jenkins ScreenRecorder Plugin 0.7 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download...

Tcl 安全漏洞

Tcl is a freely available open source package. It provides a powerful platform for creating integrated applications that tie together various applications, protocols, devices and frameworks. A security vulnerability exists in TCL 30Z , TCL 10 that stems from the fact that certain software version...

GHSA-CVXJ-4745-843X Content-Security-Policy protection for user content disabled by Jenkins ScreenRecorder Plugin

Jenkins sets the Content-Security-Policy header to static files served by Jenkins specifically DirectoryBrowserSupport, such as workspaces, /userContent, or archived artifacts, unless a Resource Root URL is specified. ScreenRecorder Plugin 0.7 and earlier programmatically updates the Java system...

Content-Security-Policy protection for user content disabled by Jenkins ScreenRecorder Plugin

Jenkins sets the Content-Security-Policy header to static files served by Jenkins specifically DirectoryBrowserSupport, such as workspaces, /userContent, or archived artifacts, unless a Resource Root URL is specified. ScreenRecorder Plugin 0.7 and earlier programmatically updates the Java system...

CVE-2022-43433

Jenkins ScreenRecorder Plugin 0.7 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download...

CVE-2022-43433

Jenkins ScreenRecorder Plugin 0.7 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download...

Design/Logic Flaw

Jenkins ScreenRecorder Plugin 0.7 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download...

Jenkins ScreenRecorder Plugin 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...

CVE-2022-43433

Jenkins ScreenRecorder Plugin 0.7 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download...

PT-2022-26917 · Jenkins · Jenkins Screenrecorder Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins ScreenRecorder Plugin versions 0.7 and earlier Description: The issue concerns the Jenkins ScreenRecorder Plugin, which programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived...

CVE-2022-43433

Jenkins ScreenRecorder Plugin 0.7 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download...

CVE-2022-43433

CVE-2022-43433 affects Jenkins ScreenRecorder Plugin 0.7 and earlier. It programmatically disables Content-Security-Policy (CSP) for user-generated content served by Jenkins (workspaces, /userContent, artifacts), via updating a Java system property, effectively weakening CSP and enabling potentia...