15 matches found
RHCOS 4 : OpenShift Container Platform 4.8.22 (RHSA-2021:4829)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4829 advisory. - coreos-installer: restrict access permissions on /boot/ignition{,/config.ign} (CVE-2021-3917) - jenkins: FilePath#mkdirs does not check...
RHCOS 4 : OpenShift Container Platform 4.6.51 (RHSA-2021:4799)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4799 advisory. - jenkins: FilePath#mkdirs does not check permission to create parent directories (CVE-2021-21685) - jenkins: File path filters do not...
PT-2024-13538
Name of the Vulnerable Software and Affected Versions: STMicroelectronics SPC58, affected versions not specified. Description: The STMicroelectronics SPC58 PowerPC microcontrollers are affected by a missing protection mechanism for an alternate hardware interface. Code executing with supervisor...
BIT-JENKINS-2021-21688
The agent-to-controller security check FilePath#reading(FileVisitor) in Jenkins LTS 2.303.2 and earlier does not reject any operations, allowing users to have unrestricted read access using certain operations (creating archives, FilePath#copyRecursiveTo)...
PT-2022-6757 · Xwiki · Xwiki Platform
Name of the Vulnerable Software and Affected Versions: XWiki Platform versions prior to 14.4.8; XWiki Platform versions prior to 14.10.4; XWiki Platform versions prior to 15.0-rc-1. Description: The issue is related to improper escaping in the document SkinsCode.XWikiSkinsSheet, which leads to an...
jenkins: FilePath#reading(FileVisitor) does not reject any operations allowing users to have unrestricted read access
An incorrect access restriction vulnerability was found in Jenkins. The FilePath#reading(FileVisitor) does not reject any operations, giving users unrestricted read access with certain operations (creating archives, copyRecursiveTo). This may allow an attacker to get access to restricted data...
jenkins: FilePath#reading(FileVisitor) does not reject any operations allowing users to have unrestricted read access
An incorrect access restriction vulnerability was found in Jenkins. The FilePath#reading(FileVisitor) does not reject any operations, giving users unrestricted read access with certain operations (creating archives, copyRecursiveTo). This may allow an attacker to get access to restricted data...
jenkins: FilePath#reading(FileVisitor) does not reject any operations allowing users to have unrestricted read access
An incorrect access restriction vulnerability was found in Jenkins. The FilePath#reading(FileVisitor) does not reject any operations, giving users unrestricted read access with certain operations (creating archives, copyRecursiveTo). This may allow an attacker to get access to restricted data...
jenkins: FilePath#reading(FileVisitor) does not reject any operations allowing users to have unrestricted read access
An incorrect access restriction vulnerability was found in Jenkins. The FilePath#reading(FileVisitor) does not reject any operations, giving users unrestricted read access with certain operations (creating archives, copyRecursiveTo). This may allow an attacker to get access to restricted data...
CVE-2021-21688
The agent-to-controller security check FilePath#reading(FileVisitor) in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not reject any operations, allowing users to have unrestricted read access using certain operations (creating archives, FilePath#copyRecursiveTo)...
CVE-2021-21688
The agent-to-controller security check FilePath#reading(FileVisitor) in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not reject any operations, allowing users to have unrestricted read access using certain operations (creating archives, FilePath#copyRecursiveTo)...
Design/Logic Flaw
The agent-to-controller security check FilePath#reading(FileVisitor) in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not reject any operations, allowing users to have unrestricted read access using certain operations (creating archives, FilePath#copyRecursiveTo)...
Jenkins Security Vulnerability
Jenkins is an open source application from the Jenkins project. As an open source automation server, Jenkins provides hundreds of plugins to support building, deploying and automating any project. A security vulnerability exists in Jenkins that stems from an agent-to-controller security check FilePath#reading(FileVisit...
PT-2021-5385 · Jenkins · Jenkins
Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.318 and earlier, LTS versions 2.303.2 and earlier. Description: The issue is related to the absence of an authorization procedure in the FilePath#reading(FileVisitor) component of the Jenkins automation server. This allows a...
Advisory ROSA-SA-2021-1804
Software: accountservice 0.6.50; OS: Cobalt 7.9; CVE-ID: CVE-2020-16126; CVE-Crit: LOW; CVE-DESC: Ubuntu-specific modification of AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, incorrectly removed ruid, allowing untrusted users to send signals to AccountsService,...