Jenkins LTS < 2.277.3 / Jenkins weekly < 2.286

According to its its self-reported version number, the version of Jenkins running on the remote web server is Jenkins LTS prior to 2.277.3 or Jenkins weekly prior to 2.286. It is, therefore, affected by a vulnerability: - In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha...

CloudBees Jenkins View Name Validation Bypass Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version of the release/test project and some timed tasks . LTS is a long-term support for...

PT-2021-14683 · Jenkins · Jenkins

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.286 and earlier Jenkins LTS versions 2.277.1 and earlier Description: The issue arises from the improper validation of newly created view names, allowing attackers with View/Create permission to create views with invalid or...