Jenkins Enterprise and Operations Center 2.346.x < 2.346.40.0.9 Multiple Vulnerabilities (CloudBees Security Advisory 2023-02-15)

The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.346.x prior to 2.346.40.0.9. It is, therefore, affected by multiple vulnerabilities including the following: - CSRF vulnerability and missing permission checks in Synopsys Coverity Plugin allow...

PT-2019-11302 · Jenkins · Groovy Plugin +2

Name of the Vulnerable Software and Affected Versions: Pipeline: Groovy Plugin versions 2.61 and earlier Description: A sandbox bypass issue exists that allows attackers with Overall/Read permission to execute arbitrary code on the Jenkins master JVM by providing a pipeline script to an HTTP...

Mozilla Firefox and SeaMonkey Java LiveConnect Script Security Bypass Vulnerability

CVE:CVE-2010-3775 Bugtraq ID:45355 Mozilla Firefox and SeaMonkey are prone to a security-bypass vulnerability. Attackers can exploit this issue to bypass security restrictions and obtain elevated privileges such as the abilities to read local files, launch processes, and create network connection...