5 matches found
Jenkins plugins Multiple Vulnerabilities (2022-05-17)
According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - Jenkins Pipeline: Groovy Plugin 2689.v434009a31bf1 and earlier allows loading any Groovy source files on the classpath of Jenkins and Jenki...
Jenkins WMI Windows Agents Plugin Access Control Error Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.The Jenkins WMI Windows Agents Plugin is...
GHSA-XHW3-WMX2-76WF Buffer overflow in Jenkins WMI Windows Agents plugin
WMI Windows Agents Plugin 1.8 and earlier includes the Windows Remote Command library. It provides a general-purpose remote command execution capability that Jenkins uses to check if Java is available, and if not, to install it. This library has a buffer overflow vulnerability that may allow user...
CVE-2022-30950
Jenkins WMI Windows Agents Plugin 1.8 and earlier includes the Windows Remote Command library which has a buffer overflow vulnerability that may allow users able to connect to a named pipe to execute commands on the Windows agent machine...
CVE-2022-30951
Jenkins WMI Windows Agents Plugin 1.8 and earlier includes the Windows Remote Command library does not implement access control, potentially allowing users to start processes even if they're not allowed to log in...