2 matches found
SOL17455 - Multiple Jenkins vulnerabilities
CVE-2015-1806 It was found that the combination filter Groovy script could allow a remote attacker to potentially execute arbitrary code on a Jenkins master. CVE-2015-1807 It was found that when building artifacts, the Jenkins server would follow symbolic links, potentially resulting in disclosur...
jenkins: forced API token change (SECURITY-180)
A flaw was found in the Jenkins API token-issuing service. The service was not properly protected against anonymous users, potentially allowing remote attackers to escalate privileges...