
78 matches found

Cvelist
added 2024/06/26 5:6 p.m. · 23 views

CVE-2024-39458

When Jenkins Structs Plugin 337.v1b04ea4df7c8 and earlier fails to configure a build step, it logs a warning message containing diagnostic information that may contain secrets passed as step parameters, potentially resulting in accidental exposure of secrets through the default system log...

0.00206 EPSS
Exploits 0 · References 2
CVE
added 2024/06/26 5:6 p.m. · 292 views

CVE-2024-39458

The CVE affects Jenkins Structs Plugin (versions 337.v1b_04ea_4df7c8 and earlier). When failing to configure a build step, it logs a warning that may include secrets from step parameters in the default system log, risking accidental exposure. The issue is rooted in overly verbose diagnostic loggi...

3.1 CVSS · 6.2 AI score · 0.00206 EPSS
Exploits 0 · References 2 · Affected Software 1
Vulnrichment
added 2024/06/26 5:6 p.m. · 13 views

CVE-2024-39458

When Jenkins Structs Plugin 337.v1b04ea4df7c8 and earlier fails to configure a build step, it logs a warning message containing diagnostic information that may contain secrets passed as step parameters, potentially resulting in accidental exposure of secrets through the default system log...

6.7 AI score · 0.00206 EPSS
Exploits 0 · References 2
AlpineLinux
added 2024/06/26 5:6 p.m. · 3 views

CVE-2024-39458

When Jenkins Structs Plugin 337.v1b04ea4df7c8 and earlier fails to configure a build step, it logs a warning message containing diagnostic information that may contain secrets passed as step parameters, potentially resulting in accidental exposure of secrets through the default system log...

3.1 CVSS · 6.6 AI score · 0.00206 EPSS
Exploits 0 · References 2
CNNVD
added 2024/06/26 12:0 a.m. · 3 views

Jenkins Plugin Structs Security Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is a software application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. A security vulnerability...

3.1 CVSS · 6.6 AI score · 0.00206 EPSS
Exploits 0 · References 5
Tenable Nessus
added 2024/06/26 12:0 a.m. · 25 views

Jenkins plugins Multiple Vulnerabilities (2024-06-26)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Low Structs Plugin provides utility functionality used, e.g., in Pipeline to instantiate and configure build steps, typically before their...

4.3 CVSS · 5.7 AI score · 0.00209 EPSS
Exploits 0 · References 4
Positive Technologies
added 2024/06/18 12:0 a.m. · 2 views

PT-2024-4650 · Jenkins · Jenkins Structs Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins Structs Plugin versions 337.v1b 04ea 4df7c8 and earlier Description: The issue is related to the accidental exposure of secrets through the default system log when the Jenkins Structs Plugin fails to configure a build step. This happe...

3.1 CVSS · 6.8 AI score · 0.00206 EPSS
Exploits 0 · References 11
RedhatCVE
added 2024/05/23 11:12 a.m. · 35 views

CVE-2023-52818

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 For pptable structs that use flexible array sizes, use flexible arrays...

5.5 CVSS · 6.6 AI score · 0.00015 EPSS
Exploits 0 · References 4
NVD
added 2024/05/21 4:15 p.m. · 21 views

CVE-2023-52818

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 For pptable structs that use flexible array sizes, use flexible arrays...

7.8 CVSS · 6.6 AI score · 0.00015 EPSS
Exploits 0 · References 9
OSV
added 2024/05/21 4:15 p.m. · 1 views

UBUNTU-CVE-2023-52819

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga For pptable structs that use flexible array sizes, use flexible arrays...

6.6 CVSS · 6.2 AI score · 0.00017 EPSS
Exploits 0 · References 12
OSV
added 2024/05/21 4:15 p.m. · 0 views

UBUNTU-CVE-2023-52818

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 For pptable structs that use flexible array sizes, use flexible arrays...

7.8 CVSS · 6.2 AI score · 0.00015 EPSS
Exploits 0 · References 18
Debian CVE
added 2024/05/21 3:31 p.m. · 25 views

CVE-2023-52818

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 For pptable structs that use flexible array sizes, use flexible arrays...

7.8 CVSS · 7.3 AI score · 0.00015 EPSS
Exploits 0
CVE
added 2024/05/21 3:31 p.m. · 98 views

CVE-2023-52818

CVE-2023-52818 affects the Linux kernel: drm/amd/ SMU7 UBSAN array-index-out-of-bounds due to pptable structs with flexible array sizes. The fix changes pptable structs to use flexible arrays. Impact is high with local, low-privilege exploitation potential as per the description. Remediation: app...

7.8 CVSS · 6.8 AI score · 0.00015 EPSS
Exploits 0 · References 9 · Affected Software 1
OSV
added 2023/06/12 6:52 p.m. · 10 views

GHSA-87MF-9WG6-PPF8 Ouroboros is Unsound

In 0.15.0 and prior, Ouroboros works internally by creating a struct where all uses of 'this are replaced by 'static. However, a recent addition to Miri checks that references passed to functions are valid during the entire execution of the function, even when those references are passed inside a...

7 AI score
Exploits 0 · References 3
RustSec
added 2023/06/11 12:0 p.m. · 27 views

Ouroboros is Unsound

Summary Ouroboros has a soundness problem, but a fix has been implemented in 0.16.0. More details: In 0.15.0, Ouroboros works internally by creating a struct where all uses of 'this are replaced by 'static. However, a recent addition to Miri checks that references passed to functions are valid...

6.8 AI score
Exploits 0 · Affected Software 1
OSV
added 2023/06/11 12:0 p.m. · 13 views

RUSTSEC-2023-0042 Ouroboros is Unsound

Summary Ouroboros has a soundness problem, but a fix has been implemented in 0.16.0. More details: In 0.15.0, Ouroboros works internally by creating a struct where all uses of 'this are replaced by 'static. However, a recent addition to Miri checks that references passed to functions are valid...

7 AI score
Exploits 0 · References 3
RedHat Linux
added 2023/03/27 3:15 p.m. · 2 views

capnproto: out of bounds read when handling a list of lists.

A flaw was found in capnproto and capnp projects where a specially-crafted pointer could escape bounds checking by exploiting inconsistent handling of pointers when a list-of-structs is downgraded to a list-of-pointers...

5.4 CVSS · 5.7 AI score · 0.00206 EPSS
Exploits 0 · References 6
RedhatCVE
added 2022/12/01 7:26 p.m. · 27 views

CVE-2022-46149

A flaw was found in capnproto and capnp projects where a specially-crafted pointer could escape bounds checking by exploiting inconsistent handling of pointers when a list-of-structs is downgraded to a list-of-pointers...

5.4 CVSS · 2.3 AI score · 0.00206 EPSS
Exploits 0 · References 5
Fedora
added 2022/07/17 1:15 a.m. · 24 views

[SECURITY] Fedora 35 Update: golang-github-mailru-easyjson-0.7.6-5.fc35

Package Easyjson provides a fast and easy way to marshal/unmarshal Go structs to/from JSON without the use of reflection. In performance tests, easyjson outperforms the standard encoding/json package by a factor of 4-5x, and other JSON encoding packages by a factor of 2-3x. Easyjson aims to keep...

9.3 CVSS · 7.9 AI score · 0.00963 EPSS
Exploits 4
Github Security Blog
added 2022/06/17 12:16 a.m. · 13 views

Optional `Deserialize` implementations lacking validation

When activating the non-default feature serialize, most structs implement serde::Deserialize without sufficient validation. This allows breaking invariants in safe code, leading to: Undefined behavior in as_string methods which use std::str::from_utf8_unchecked internally. Panics due to failed...

1.6 AI score
Exploits 0 · References 3 · Affected Software 1