4 matches found
jenkins: forced API token change (SECURITY-180)
A flaw was found in the Jenkins API token-issuing service. The service was not properly protected against anonymous users, potentially allowing remote attackers to escalate privileges...
CloudBees Jenkins CI and LTS API token-issuing service vulnerability
CloudBees Jenkins CI formerly known as Hudson Labs is a set of Java-based continuous integration tools from CloudBees, Inc. LTS Long-Term Support is a long-supported version of CloudBees Jenkins CI. A security vulnerability exists in the API token-issuing service in CloudBees Jenkins CI versions...
SOL17455 - Multiple Jenkins vulnerabilities
CVE-2015-1806 It was found that the combination filter Groovy script could allow a remote attacker to potentially execute arbitrary code on a Jenkins master. CVE-2015-1807 It was found that when building artifacts, the Jenkins server would follow symbolic links, potentially resulting in disclosur...
jenkins: forced API token change (SECURITY-180)
A flaw was found in the Jenkins API token-issuing service. The service was not properly protected against anonymous users, potentially allowing remote attackers to escalate privileges...