12 matches found
GHSA-HVM9-WC8J-MGRC TShock Security Escalation Exploit
Impact An issue with the way OTAPI manages client connections results in stale UUIDs remaining on RemoteClient instances after a player disconnects. Because of this, if the following conditions are met a player may assume the login state of a previously connected player: 1. The server has UUID...
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins
The agent-to-controller security subsystem limits which files on the Jenkins controller can be accessed by agent processes. Multiple vulnerabilities in the file path filtering implementation of Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allow agent processes to read and write arbitrary...
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins
The agent-to-controller security subsystem limits which files on the Jenkins controller can be accessed by agent processes. Multiple vulnerabilities in the file path filtering implementation of Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allow agent processes to read and write arbitrary...
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins
The agent-to-controller security subsystem limits which files on the Jenkins controller can be accessed by agent processes. Multiple vulnerabilities in the file path filtering implementation of Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allow agent processes to read and write arbitrary...
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins
The agent-to-controller security subsystem limits which files on the Jenkins controller can be accessed by agent processes. Multiple vulnerabilities in the file path filtering implementation of Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allow agent processes to read and write arbitrary...
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins
The agent-to-controller security subsystem limits which files on the Jenkins controller can be accessed by agent processes. Multiple vulnerabilities in the file path filtering implementation of Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allow agent processes to read and write arbitrary...
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins
The agent-to-controller security subsystem limits which files on the Jenkins controller can be accessed by agent processes. Multiple vulnerabilities in the file path filtering implementation of Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allow agent processes to read and write arbitrary...
GHSA-3Q84-VRVX-RFVF Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins
The agent-to-controller security subsystem limits which files on the Jenkins controller can be accessed by agent processes. Multiple vulnerabilities in the file path filtering implementation of Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allow agent processes to read and write arbitrary...
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins
The agent-to-controller security subsystem limits which files on the Jenkins controller can be accessed by agent processes. Multiple vulnerabilities in the file path filtering implementation of Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allow agent processes to read and write arbitrary...
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins
The agent-to-controller security subsystem limits which files on the Jenkins controller can be accessed by agent processes. Multiple vulnerabilities in the file path filtering implementation of Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allow agent processes to read and write arbitrary...
GHSA-CVVM-4CR9-R436 Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control in Jenkins
The agent-to-controller security subsystem limits which files on the Jenkins controller can be accessed by agent processes. Multiple vulnerabilities in the file path filtering implementation of Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allow agent processes to read and write arbitrary...
PT-2021-4993 · Jenkins · Remoting Security Workaround Plugin +2
Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.318 and earlier, LTS versions 2.303.2 and earlier Description: The issue is related to the implementation of the FilePath API in the Jenkins automation server, which does not limit agent read/write access to the libs/...