
15 matches found

Tenable Nessus
added 2026/05/06 12:0 a.m. · 7 views

RHCOS 4 : OpenShift Container Platform 4.8.22 (RHSA-2021:4829)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4829 advisory. - coreos-installer: restrict access permissions on /boot/ignition{,/config.ign} (CVE-2021-3917) - jenkins: FilePath#mkdirs does not check...

9.8 CVSS · 5.9 AI score · 0.02451 EPSS
Exploits: 0 · References: 32
Tenable Nessus
added 2026/05/06 12:0 a.m. · 8 views

RHCOS 4 : OpenShift Container Platform 4.6.51 (RHSA-2021:4799)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4799 advisory. - jenkins: FilePath#mkdirs does not check permission to create parent directories (CVE-2021-21685) - jenkins: File path filters do not...

9.8 CVSS · 5.9 AI score · 0.02451 EPSS
Exploits: 0 · References: 30
Positive Technologies
added 2024/12/05 12:0 a.m. · 4 views

PT-2024-13538

Name of the Vulnerable Software and Affected Versions: STMicroelectronics SPC58 (affected versions not specified) Description: The STMicroelectronics SPC58 PowerPC microcontrollers are affected by a missing protection mechanism for an alternate hardware interface. Code executing with supervisor...

9.8 CVSS · 6.4 AI score · 0.00445 EPSS
Exploits: 0 · References: 8
OSV
added 2024/03/06 11:0 a.m. · 16 views

BIT-JENKINS-2021-21688

The agent-to-controller security check FilePath#reading(FileVisitor) in Jenkins LTS 2.303.2 and earlier does not reject any operations, allowing users to have unrestricted read access using certain operations creating archives, FilePath#copyRecursiveTo...

7.5 CVSS · 8.2 AI score · 0.01327 EPSS
Exploits: 0 · References: 2
Positive Technologies
added 2022/12/07 12:0 a.m. · 5 views

PT-2022-6757 · Xwiki · Xwiki Platform

Name of the Vulnerable Software and Affected Versions: XWiki Platform versions prior to 14.4.8 XWiki Platform versions prior to 14.10.4 XWiki Platform versions prior to 15.0-rc-1 Description: The issue is related to improper escaping in the document SkinsCode.XWikiSkinsSheet, which leads to an...

10 CVSS · 8.9 AI score · 0.91346 EPSS
Exploits: 1 · References: 12
RedHat Linux
added 2021/12/02 10:4 p.m. · 4 views

jenkins: FilePath#reading(FileVisitor) does not reject any operations allowing users to have unrestricted read access

An incorrect access restriction vulnerability was found in Jenkins. The FilePath#reading(FileVisitor) does not reject any operations, giving users unrestricted read access with certain operations (creating archives, copyRecursiveTo). This may allow an attacker to get access to restricted data...

7.5 CVSS · 5.7 AI score · 0.01327 EPSS
Exploits: 0 · References: 5
RedHat Linux
added 2021/12/02 6:37 p.m. · 3 views

jenkins: FilePath#reading(FileVisitor) does not reject any operations allowing users to have unrestricted read access

An incorrect access restriction vulnerability was found in Jenkins. The FilePath#reading(FileVisitor) does not reject any operations, giving users unrestricted read access with certain operations (creating archives, copyRecursiveTo). This may allow an attacker to get access to restricted data...

7.5 CVSS · 5.7 AI score · 0.01327 EPSS
Exploits: 0 · References: 5
RedHat Linux
added 2021/12/01 12:28 p.m. · 2 views

jenkins: FilePath#reading(FileVisitor) does not reject any operations allowing users to have unrestricted read access

An incorrect access restriction vulnerability was found in Jenkins. The FilePath#reading(FileVisitor) does not reject any operations, giving users unrestricted read access with certain operations (creating archives, copyRecursiveTo). This may allow an attacker to get access to restricted data...

7.5 CVSS · 5.7 AI score · 0.01327 EPSS
Exploits: 0 · References: 5
RedHat Linux
added 2021/11/30 9:11 a.m. · 3 views

jenkins: FilePath#reading(FileVisitor) does not reject any operations allowing users to have unrestricted read access

An incorrect access restriction vulnerability was found in Jenkins. The FilePath#reading(FileVisitor) does not reject any operations, giving users unrestricted read access with certain operations (creating archives, copyRecursiveTo). This may allow an attacker to get access to restricted data...

7.5 CVSS · 5.7 AI score · 0.01327 EPSS
Exploits: 0 · References: 5
OSV
added 2021/11/04 5:15 p.m. · 16 views

CVE-2021-21688

The agent-to-controller security check FilePath#reading(FileVisitor) in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not reject any operations, allowing users to have unrestricted read access using certain operations creating archives, FilePath#copyRecursiveTo...

7.5 CVSS · 6.4 AI score
Exploits: 0 · References: 1
AlpineLinux
added 2021/11/04 5:15 p.m. · 23 views

CVE-2021-21688

The agent-to-controller security check FilePath#reading(FileVisitor) in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not reject any operations, allowing users to have unrestricted read access using certain operations creating archives, FilePath#copyRecursiveTo...

7.5 CVSS · 8.3 AI score · 0.01327 EPSS
Exploits: 0
Prion
added 2021/11/04 5:15 p.m. · 15 views

Design/Logic Flaw

The agent-to-controller security check FilePath#reading(FileVisitor) in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not reject any operations, allowing users to have unrestricted read access using certain operations creating archives, FilePath#copyRecursiveTo...

5 CVSS · 8 AI score · 0.01327 EPSS
Exploits: 0 · References: 1 · Affected Software: 1
CNNVD
added 2021/11/04 12:0 a.m. · 3 views

Jenkins security vulnerability

Jenkins is a Jenkins open source application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying and automating any project. A security vulnerability exists in Jenkins that stems from an agent-to-controller security check FilePathreadingFileVisit...

7.5 CVSS · 7.2 AI score · 0.01327 EPSS
Exploits: 0 · References: 17
Positive Technologies
added 2021/11/04 12:0 a.m. · 4 views

PT-2021-5385 · Jenkins · Jenkins

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.318 and earlier, LTS versions 2.303.2 and earlier Description: The issue is related to the absence of an authorization procedure in the FilePath#reading(FileVisitor) component of the Jenkins automation server. This allows a...

7.8 CVSS · 8.1 AI score · 0.01327 EPSS
Exploits: 0 · References: 15
Rosalinux
added 2021/07/02 4:31 p.m. · 23 views

Advisory ROSA-SA-2021-1804

Software: accountservice 0.6.50 OS: Cobalt 7.9 CVE-ID: CVE-2020-16126 CVE-Crit: LOW CVE-DESC: Ubuntu-specific modification of AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, incorrectly removed ruid, allowing untrusted users to send signals to AccountsService,...

5.5 CVSS · 6.8 AI score · 0.00541 EPSS
Exploits: 3