10 matches found
GHSA-MQQ6-CQCX-38VG Open WebUI's Model Import Overwrites Any Model Without Ownership Check
Model Import Overwrites Any Model Without Ownership Check Affected Component Model import endpoint: - backend/openwebui/routers/models.py lines 254-308, importmodels Affected Versions Current main branch commit 6fdd19bf1 and likely all versions with model import functionality. Description The POS...
EUVD-2022-2422
Malicious code in bioql PyPI...
EUVD-2023-0984
Malicious code in bioql PyPI...
BIT-JENKINS-2023-27902
Jenkins LTS 2.375.3 and earlier shows temporary directories related to job workspaces, which allows attackers with Item/Workspace permission to access their contents...
Incorrect Permission Preservation in Jenkins Core
Jenkins uses temporary directories adjacent to workspace directories, usually with the @tmp name suffix, to store temporary files related to the build. In pipelines, these temporary directories are adjacent to the current working directory when operating in a subdirectory of the automatically...
CVE-2023-27902
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier shows temporary directories related to job workspaces, which allows attackers with Item/Workspace permission to access their contents...
CVE-2023-27902
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier shows temporary directories related to job workspaces, which allows attackers with Item/Workspace permission to access their contents...
CVE-2023-27902
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier shows temporary directories related to job workspaces, which allows attackers with Item/Workspace permission to access their contents...
PT-2023-21408 · Jenkins · Jenkins
Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.393 and earlier Jenkins LTS versions 2.375.3 and earlier Jenkins versions prior to LTS 2.387.1 Description: The issue allows attackers with Item/Workspace permission to access the contents of temporary directories related t...
Jenkins < 2.276, < 2.263.3 Arbitrary File Read Vulnerability
Jenkins is prone to an arbitrary file read vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...