RHCOS 4 : OpenShift Container Platform 4.4.z jenkins-2-plugins (RHSA-2020:2737)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2737 advisory. - jenkins-script-security-plugin: sandbox protection bypass leads to execute arbitrary code in sandboxed scripts CVE-2019-16538 -...

RHCOS 3 : OpenShift Container Platform 3.11 jenkins-2-plugins (RHSA-2020:2478)

The remote Red Hat Enterprise Linux CoreOS 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2478 advisory. - jenkins-git-client-plugin: OS command injection via 'git ls-remote' CVE-2019-10392 - jenkins-script-security-plugin: sandbox...

CVE-2024-34148

Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier programmatically disables the fix for CVE-2016-3721 whenever a build is triggered from a release tag, by setting the Java system property 'hudson.model.ParametersAction.keepUndefinedParameters'...

EUVD-2013-6197

Malware in sbrugna...

EUVD-2022-5703

Malicious code in bioql PyPI...

EUVD-2024-0969

Malicious code in bioql PyPI...

EUVD-2022-4214

Malicious code in bioql PyPI...

EUVD-2022-4893

Malicious code in bioql PyPI...

EUVD-2022-5390

Malicious code in bioql PyPI...

EUVD-2024-1005

Malicious code in bioql PyPI...

EUVD-2022-5541

Malicious code in bioql PyPI...

CVE-2024-28159

A missing permission check in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier allows attackers with Item/Read permission to trigger a build...

CVE-2024-28158

A cross-site request forgery CSRF vulnerability in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier allows attackers to trigger a build...

CVE-2024-34148

Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier programmatically disables the fix for CVE-2016-3721 whenever a build is triggered from a release tag, by setting the Java system property 'hudson.model.ParametersAction.keepUndefinedParameters'...

PT-2024-25719 · Jenkins · Jenkins Subversion Partial Release Manager Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Subversion Partial Release Manager Plugin versions 1.0.1 and earlier Description: The issue arises when a build is triggered from a release tag, causing the plugin to programmatically set the Java system property...

CVE-2024-28159

A missing permission check in Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier allows attackers with Item/Read permission to trigger a build...

PT-2024-22304 · Jenkins · Jenkins Subversion Partial Release Manager Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Subversion Partial Release Manager Plugin versions 1.0.1 and earlier Description: A cross-site request forgery CSRF issue allows attackers to trigger a build. Recommendations: For Jenkins Subversion Partial Release Manager Plugin...

PT-2024-22305 · Jenkins · Jenkins Subversion Partial Release Manager Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Subversion Partial Release Manager Plugin versions 1.0.1 and earlier Description: A missing permission check in the plugin allows attackers with Item/Read permission to trigger a build. Recommendations: For Jenkins Subversion Partial...

Jenkins Subversion Partial Release Manager Plugin Security Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins Plugin is a software application. A security vulnerability...

RHEL 7 / 8 : OpenShift Container Platform 4.6.59 (RHSA-2022:4947)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:4947 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...