CVE-2017-1000084
CVE-2017-1000084 concerns the Jenkins Parameterized Trigger Plugin, where the component failed to enforce Item/Build permissions during downstream triggering. The underlying issue allowed a build to trigger other projects without proper authorization, potentially enabling unauthorized project lau...
CVE-2017-1000084
Parameterized Trigger Plugin fails to check Item/Build permission: The Parameterized Trigger Plugin did not check the build authentication it was running as and allowed triggering any other project in Jenkins...
CVE-2012-3366
The Trigger plugin in bcfg2 1.2.x before 1.2.3 allows remote attackers with root access to the client to execute arbitrary commands via shell metacharacters in the UUID field to the server process bcfg2-server...
CVE-2012-3366
The Trigger plugin in bcfg2 1.2.x before 1.2.3 allows remote attackers with root access to the client to execute arbitrary commands via shell metacharacters in the UUID field to the server process bcfg2-server. This is very similar to a flaw discovered last year in a large number of other plugins...
CVE-2012-3366
Removed by vendor...
CVE-2012-3366
CVE-2012-3366 affects bcfg2 1.2.x prior to 1.2.3, where the Trigger plugin allows remote attackers with root access to the client to execute arbitrary commands through the UUID field sent to bcfg2-server. The root cause is a failure to sanitize shell metacharacters in the UUID value, enabling command e...