[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:54603
Jenkins rolling release is installed

oval:org.secpod.oval:def:54607
Jenkins rolling release is installed (rpm)

oval:org.secpod.oval:def:54610
Jenkins rolling release is installed (dpkg)

oval:org.secpod.oval:def:54605
The host is installed with Jenkins LTS before 2.138.2 or Jenkins rolling release before 2.146 and is prone to a remote code execution vulnerability. The flaw is present in the application, which fails to properly handle an issue in Stapler web framework. Successful exploitation allow attackers to ob ...

oval:org.secpod.oval:def:54608
The host is installed with Jenkins LTS before 2.138.2 or Jenkins rolling release before 2.146 and is prone to a remote code execution vulnerability. The flaw is present in the application, which fails to properly handle an issue in Stapler web framework. Successful exploitation allow attackers to ob ...

oval:org.secpod.oval:def:62817
The host is installed with Jenkins LTS through 2.204.5 or Jenkins rolling release through 2.227 and is prone to a cross-site-request-forgery vulnerability. A flaw is present in the application, which fails to properly handle crafted URLs. Successful exploitation could allow attackers to bypass CSRF ...

oval:org.secpod.oval:def:57684
The host is installed with Jenkins LTS through 2.176.1 or Jenkins rolling release through 2.185 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an issue in Stapler web framework. Successful exploitation could allow attacke ...

oval:org.secpod.oval:def:57683
The host is installed with Jenkins LTS through 2.176.1 or Jenkins rolling release through 2.185 and is prone to a cross-site request forgery vulnerability. A flaw is present in the application, which fails to properly handle an issue in usage of CSRF tokens. Successful exploitation could allow attac ...

oval:org.secpod.oval:def:57682
The host is installed with Jenkins LTS through 2.176.1 or Jenkins rolling release through 2.185 and is prone to a path traversal vulnerability. A flaw is present in the application, which fails to properly handle an issue in core/src/main/java/hudson/model/FileParameterValue.java file. Successful ex ...

oval:org.secpod.oval:def:57687
The host is installed with Jenkins LTS through 2.176.1 or Jenkins rolling release through 2.185 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an issue in Stapler web framework. Successful exploitation could allow attacke ...

oval:org.secpod.oval:def:57686
The host is installed with Jenkins LTS through 2.176.1 or Jenkins rolling release through 2.185 and is prone to a cross-site request forgery vulnerability. A flaw is present in the application, which fails to properly handle an issue in usage of CSRF tokens. Successful exploitation could allow attac ...

oval:org.secpod.oval:def:57685
The host is installed with Jenkins LTS through 2.176.1 or Jenkins rolling release through 2.185 and is prone to a path traversal vulnerability. A flaw is present in the application, which fails to properly handle an issue in core/src/main/java/hudson/model/FileParameterValue.java file. Successful ex ...

oval:org.secpod.oval:def:62814
The host is installed with Jenkins LTS through 2.204.5 or Jenkins rolling release through 2.227 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in HTML content of list view column headers. Successful exploitation cou ...

oval:org.secpod.oval:def:62816
The host is installed with Jenkins LTS through 2.204.5 or Jenkins rolling release through 2.227 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in form validation for label expressions on job configuration pages. Suc ...

oval:org.secpod.oval:def:62815
The host is installed with Jenkins LTS through 2.204.5 or Jenkins rolling release through 2.227 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in file uploads in file parameters. Successful exploitation could allow ...

oval:org.secpod.oval:def:94367
The host is installed with Jenkins LTS 2.60.1 through 2.414.1 or Jenkins rolling release 2.50 through 2.423 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle filtering builds in the build history widget. Successful exploitation allow ...

oval:org.secpod.oval:def:94368
The host is installed with Jenkins LTS through 2.414.1 or Jenkins rolling release through 2.423 and is prone to a stored cross-site scripting (xss) vulnerability. A flaw is present in the application, which fails to handle caption constructor parameter of ExpandableDetailsNote. Successful exploitati ...

oval:org.secpod.oval:def:94369
The host is installed with Jenkins LTS through 2.414.1 or Jenkins rolling release through 2.423 and is prone to an incorrect default permissions vulnerability. A flaw is present in the application, which fails to handle default permissions for temporary files created in the system temporary directo ...

oval:org.secpod.oval:def:94370
The host is installed with Jenkins LTS through 2.414.1 or Jenkins rolling release through 2.423 and is prone to an unrestricted upload of file with dangerous type vulnerability. A flaw is present in the application, which fails to handle default permissions for newly created files. On successful exp ...

oval:org.secpod.oval:def:94371
The host is installed with Jenkins LTS through 2.414.1 or Jenkins rolling release through 2.423 and is prone to an unrestricted upload of file with dangerous type vulnerability. A flaw is present in the application, which fails to handle default permissions for newly created files. On successful exp ...

oval:org.secpod.oval:def:54601
The host is installed with Jenkins LTS before 2.138.2 or Jenkins rolling release before 2.146 is prone to a remote code execution vulnerability. The flaw is present in the application, which fails to properly handle an issue in Stapler web framework. Successful exploitation allow attackers to obtain ...

oval:org.secpod.oval:def:55916
The host is installed with Jenkins LTS through 2.150.1 or Jenkins rolling release through 2.158 and is prone to an improper authorization vulnerability. The flaw is present in the application, which fails to properly handle an issue in core/src/main/java/hudson/security/TokenBasedRememberMeServices2 ...

oval:org.secpod.oval:def:55920
The host is installed with Jenkins LTS through 2.150.1 or Jenkins rolling release through 2.158 and is prone to an improper authorization vulnerability. The flaw is present in the application, which fails to properly handle an issue in core/src/main/java/hudson/security/TokenBasedRememberMeServices2 ...

oval:org.secpod.oval:def:55917
The host is installed with Jenkins LTS through 2.150.1 or Jenkins rolling release through 2.158 and is prone to an improper authorization vulnerability. The flaw is present in the application, which fails to properly handle an issue in core/src/main/java/hudson/security/AuthenticationProcessingFilte ...

oval:org.secpod.oval:def:55921
The host is installed with Jenkins LTS through 2.150.1 or Jenkins rolling release through 2.158 and is prone to an improper authorization vulnerability. The flaw is present in the application, which fails to properly handle an issue in core/src/main/java/hudson/security/AuthenticationProcessingFilte ...

oval:org.secpod.oval:def:55918
The host is installed with Jenkins LTS through 2.164.1 or Jenkins rolling release through 2.171 and is prone to a privilege escalation vulnerability. The flaw is present in the application, which fails to properly handle remoting-based CLI authentication caches. Successful exploitation could allow a ...

oval:org.secpod.oval:def:55922
The host is installed with Jenkins LTS through 2.164.1 or Jenkins rolling release through 2.171 and is prone to a privilege escalation vulnerability. The flaw is present in the application, which fails to properly handle remoting-based CLI authentication caches. Successful exploitation could allow a ...

oval:org.secpod.oval:def:55919
The host is installed with Jenkins LTS through 2.164.1 or Jenkins rolling release through 2.171 and is prone to a cross-site scripting vulnerability. The flaw is present in the application, which fails to properly escape job URLs. Successful exploitation could allow attackers to cause unauthorized m ...

oval:org.secpod.oval:def:55923
The host is installed with Jenkins LTS through 2.164.1 or Jenkins rolling release through 2.171 and is prone to a cross-site scripting vulnerability. The flaw is present in the application, which fails to properly escape job URLs. Successful exploitation could allow attackers to cause unauthorized m ...

oval:org.secpod.oval:def:57679
The host is installed with Jenkins LTS through 2.176.1 or Jenkins rolling release through 2.185 and is prone to a path traversal vulnerability. A flaw is present in the application, which fails to properly handle an issue in core/src/main/java/hudson/model/FileParameterValue.java file. Successful ex ...

oval:org.secpod.oval:def:57680
The host is installed with Jenkins LTS through 2.176.1 or Jenkins rolling release through 2.185 and is prone to a cross-site request forgery vulnerability. A flaw is present in the application, which fails to properly handle an issue in usage of CSRF tokens. Successful exploitation could allow attac ...

oval:org.secpod.oval:def:57681
The host is installed with Jenkins LTS through 2.176.1 or Jenkins rolling release through 2.185 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an issue in Stapler web framework. Successful exploitation could allow attacke ...

oval:org.secpod.oval:def:58313
The host is installed with Jenkins LTS through 2.176.2 or Jenkins rolling release through 2.191 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in update site URL. Successful exploitation could allow attackers with O ...

oval:org.secpod.oval:def:58311
The host is installed with Jenkins LTS through 2.176.2 or Jenkins rolling release through 2.191 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in update site URL. Successful exploitation could allow attackers with O ...

oval:org.secpod.oval:def:58312
The host is installed with Jenkins LTS through 2.176.2 or Jenkins rolling release through 2.191 and is prone to a cross-site request forgery vulnerability. A flaw is present in the application, which fails to properly handle CSRF tokens without an associated web session ID. Successful exploitation c ...

oval:org.secpod.oval:def:58314
The host is installed with Jenkins LTS through 2.176.2 or Jenkins rolling release through 2.191 and is prone to a cross-site request forgery vulnerability. A flaw is present in the application, which fails to properly handle CSRF tokens without an associated web session ID. Successful exploitation c ...

oval:org.secpod.oval:def:58817
The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a stored cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in f:expandableTextBox form controls. Successful exploitation cou ...

oval:org.secpod.oval:def:58811
The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a stored cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in f:expandableTextBox form controls. Successful exploitation cou ...

oval:org.secpod.oval:def:58823
The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a stored cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in f:expandableTextBox form controls. Successful exploitation cou ...

oval:org.secpod.oval:def:58818
The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in f:combobox form controls. Successful exploitation could allow attacke ...

oval:org.secpod.oval:def:58812
The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in f:combobox form controls. Successful exploitation could allow attacke ...

oval:org.secpod.oval:def:58824
The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in f:combobox form controls. Successful exploitation could allow attacke ...

oval:org.secpod.oval:def:58813
The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a stored cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in escaping tag name on a tooltip. Successful exploitation could ...

oval:org.secpod.oval:def:58819
The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a stored cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in escaping tag name on a tooltip. Successful exploitation could ...

oval:org.secpod.oval:def:58825
The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a stored cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in escaping tag name on a tooltip. Successful exploitation could ...

oval:org.secpod.oval:def:58820
The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a stored cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in escaping the reason a queue item is blocked in tooltips. Succe ...

oval:org.secpod.oval:def:58814
The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a stored cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in escaping the reason a queue item is blocked in tooltips. Succe ...

oval:org.secpod.oval:def:58826
The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a stored cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in escaping the reason a queue item is blocked in tooltips. Succe ...

oval:org.secpod.oval:def:58821
The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in the WhoAmI URL. Successful exploitation could allow attackers to obta ...

oval:org.secpod.oval:def:58815
The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in the WhoAmI URL. Successful exploitation could allow attackers to obta ...

oval:org.secpod.oval:def:58827
The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in the WhoAmI URL. Successful exploitation could allow attackers to obta ...

oval:org.secpod.oval:def:58816
The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in filtering the values specified by administrators as jenkins root URL. ...

oval:org.secpod.oval:def:58828
The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in filtering the values specified by administrators as jenkins root URL. ...

oval:org.secpod.oval:def:58822
The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in filtering the values specified by administrators as jenkins root URL. ...

oval:org.secpod.oval:def:65207
The host is installed with Jenkins LTS through 2.235.4 or Jenkins rolling release through 2.242 and is prone to a buffer corruption vulnerability. A flaw is present in the application, which fails to properly handle issues in Jetty. Successful exploitation could allow unauthenticated attackers to ob ...

oval:org.secpod.oval:def:73690
The host is installed with Jenkins LTS through 2.289.1 or Jenkins rolling release through 2.299 and is prone to an incorrect authorization vulnerability. A flaw is present in the application, which fails to properly handle issues with permission checks. Successful exploitation could allows users to ...

oval:org.secpod.oval:def:73691
The host is installed with Jenkins LTS through 2.289.1 or Jenkins rolling release through 2.299 and is prone to a session fixation vulnerability. A flaw is present in the application, which fails to properly handle issues with validation of sessions. Successful exploitation could allows attackers to ...

CVE    57
CVE-2012-4439
CVE-2012-4438
CVE-2012-4441
CVE-2012-4440
...
*CPE
cpe:/a:jenkins:jenkins:::~~-~~~

© SecPod Technologies