Download
| Alert*
oval:org.secpod.oval:def:54602
Jenkins LTS is installed oval:org.secpod.oval:def:54609 Jenkins LTS is installed (dpkg) oval:org.secpod.oval:def:54606 Jenkins LTS is installed (rpm) oval:org.secpod.oval:def:54605 The host is installed with Jenkins LTS before 2.138.2 or Jenkins rolling release before 2.146 and is prone to a remote code execution vulnerability. The flaw is present in the application, which fails to properly handle an issue in Stapler web framework. Successful exploitation allow attackers to ob ... oval:org.secpod.oval:def:54608 The host is installed with Jenkins LTS before 2.138.2 or Jenkins rolling release before 2.146 and is prone to a remote code execution vulnerability. The flaw is present in the application, which fails to properly handle an issue in Stapler web framework. Successful exploitation allow attackers to ob ... oval:org.secpod.oval:def:62817 The host is installed with Jenkins LTS through 2.204.5 or Jenkins rolling release through 2.227 and is prone to a cross-site-request-forgery vulnerability. A flaw is present in the application, which fails to properly handle crafted URLs. Successful exploitation could allow attackers to bypass CSRF ... oval:org.secpod.oval:def:57684 The host is installed with Jenkins LTS through 2.176.1 or Jenkins rolling release through 2.185 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an issue in Stapler web framework. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:57683 The host is installed with Jenkins LTS through 2.176.1 or Jenkins rolling release through 2.185 and is prone to a cross-site request forgery vulnerability. A flaw is present in the application, which fails to properly handle an issue in usage of CSRF tokens. Successful exploitation could allow attac ... oval:org.secpod.oval:def:57682 The host is installed with Jenkins LTS through 2.176.1 or Jenkins rolling release through 2.185 and is prone to a path traversal vulnerability. A flaw is present in the application, which fails to properly handle an issue in core/src/main/java/hudson/model/FileParameterValue.java file. Successful ex ... oval:org.secpod.oval:def:57687 The host is installed with Jenkins LTS through 2.176.1 or Jenkins rolling release through 2.185 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an issue in Stapler web framework. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:57686 The host is installed with Jenkins LTS through 2.176.1 or Jenkins rolling release through 2.185 and is prone to a cross-site request forgery vulnerability. A flaw is present in the application, which fails to properly handle an issue in usage of CSRF tokens. Successful exploitation could allow attac ... oval:org.secpod.oval:def:57685 The host is installed with Jenkins LTS through 2.176.1 or Jenkins rolling release through 2.185 and is prone to a path traversal vulnerability. A flaw is present in the application, which fails to properly handle an issue in core/src/main/java/hudson/model/FileParameterValue.java file. Successful ex ... oval:org.secpod.oval:def:62814 The host is installed with Jenkins LTS through 2.204.5 or Jenkins rolling release through 2.227 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in HTML content of list view column headers. Successful exploitation cou ... oval:org.secpod.oval:def:62816 The host is installed with Jenkins LTS through 2.204.5 or Jenkins rolling release through 2.227 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in form validation for label expressions on job configuration pages. Suc ... oval:org.secpod.oval:def:62815 The host is installed with Jenkins LTS through 2.204.5 or Jenkins rolling release through 2.227 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in file uploads in file parameters. Successful exploitation could allow ... oval:org.secpod.oval:def:94367 The host is installed with Jenkins LTS 2.60.1 through 2.414.1 or Jenkins rolling release 2.50 through 2.423 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle filtering builds in the build history widget. Successful exploitation allow ... oval:org.secpod.oval:def:94368 The host is installed with Jenkins LTS through 2.414.1 or Jenkins rolling release through 2.423 and is prone to a stored cross-site scripting (xss) vulnerability. A flaw is present in the application, which fails to handle caption constructor parameter of ExpandableDetailsNote. Successful exploitati ... oval:org.secpod.oval:def:94369 The host is installed with Jenkins LTS through 2.414.1 or Jenkins rolling release through 2.423 and is prone to an incorrect default permissions vulnerability. A flaw is present in the application, which fails to handle default permissions for temporary files created in the system temporary directo ... oval:org.secpod.oval:def:94370 The host is installed with Jenkins LTS through 2.414.1 or Jenkins rolling release through 2.423 and is prone to an unrestricted upload of file with dangerous type vulnerability. A flaw is present in the application, which fails to handle default permissions for newly created files. On successful exp ... oval:org.secpod.oval:def:94371 The host is installed with Jenkins LTS through 2.414.1 or Jenkins rolling release through 2.423 and is prone to an unrestricted upload of file with dangerous type vulnerability. A flaw is present in the application, which fails to handle default permissions for newly created files. On successful exp ... oval:org.secpod.oval:def:54601 The host is installed with Jenkins LTS before 2.138.2 or Jenkins rolling release before 2.146 is prone to a remote code execution vulnerability. The flaw is present in the application, which fails to properly handle an issue in Stapler web framework. Successful exploitation allow attackers to obtain ... oval:org.secpod.oval:def:55916 The host is installed with Jenkins LTS through 2.150.1 or Jenkins rolling release through 2.158 and is prone to an improper authorization vulnerability. The flaw is present in the application, which fails to properly handle an issue in core/src/main/java/hudson/security/TokenBasedRememberMeServices2 ... oval:org.secpod.oval:def:55920 The host is installed with Jenkins LTS through 2.150.1 or Jenkins rolling release through 2.158 and is prone to an improper authorization vulnerability. The flaw is present in the application, which fails to properly handle an issue in core/src/main/java/hudson/security/TokenBasedRememberMeServices2 ... oval:org.secpod.oval:def:55917 The host is installed with Jenkins LTS through 2.150.1 or Jenkins rolling release through 2.158 and is prone to an improper authorization vulnerability. The flaw is present in the application, which fails to properly handle an issue in core/src/main/java/hudson/security/AuthenticationProcessingFilte ... oval:org.secpod.oval:def:55921 The host is installed with Jenkins LTS through 2.150.1 or Jenkins rolling release through 2.158 and is prone to an improper authorization vulnerability. The flaw is present in the application, which fails to properly handle an issue in core/src/main/java/hudson/security/AuthenticationProcessingFilte ... oval:org.secpod.oval:def:55918 The host is installed with Jenkins LTS through 2.164.1 or Jenkins rolling release through 2.171 and is prone to a privilege escalation vulnerability. The flaw is present in the application, which fails to properly handle remoting-based CLI authentication caches. Successful exploitation could allow a ... oval:org.secpod.oval:def:55922 The host is installed with Jenkins LTS through 2.164.1 or Jenkins rolling release through 2.171 and is prone to a privilege escalation vulnerability. The flaw is present in the application, which fails to properly handle remoting-based CLI authentication caches. Successful exploitation could allow a ... oval:org.secpod.oval:def:55919 The host is installed with Jenkins LTS through 2.164.1 or Jenkins rolling release through 2.171 and is prone to a cross-site scripting vulnerability. The flaw is present in the application, which fails to properly escape job URLs. Successful exploitation could allow attackers to cause unauthorized m ... oval:org.secpod.oval:def:55923 The host is installed with Jenkins LTS through 2.164.1 or Jenkins rolling release through 2.171 and is prone to a cross-site scripting vulnerability. The flaw is present in the application, which fails to properly escape job URLs. Successful exploitation could allow attackers to cause unauthorized m ... oval:org.secpod.oval:def:57679 The host is installed with Jenkins LTS through 2.176.1 or Jenkins rolling release through 2.185 and is prone to a path traversal vulnerability. A flaw is present in the application, which fails to properly handle an issue in core/src/main/java/hudson/model/FileParameterValue.java file. Successful ex ... oval:org.secpod.oval:def:57680 The host is installed with Jenkins LTS through 2.176.1 or Jenkins rolling release through 2.185 and is prone to a cross-site request forgery vulnerability. A flaw is present in the application, which fails to properly handle an issue in usage of CSRF tokens. Successful exploitation could allow attac ... oval:org.secpod.oval:def:57681 The host is installed with Jenkins LTS through 2.176.1 or Jenkins rolling release through 2.185 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an issue in Stapler web framework. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:58313 The host is installed with Jenkins LTS through 2.176.2 or Jenkins rolling release through 2.191 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in update site URL. Successful exploitation could allow attackers with O ... oval:org.secpod.oval:def:58311 The host is installed with Jenkins LTS through 2.176.2 or Jenkins rolling release through 2.191 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in update site URL. Successful exploitation could allow attackers with O ... oval:org.secpod.oval:def:58312 The host is installed with Jenkins LTS through 2.176.2 or Jenkins rolling release through 2.191 and is prone to a cross-site request forgery vulnerability. A flaw is present in the application, which fails to properly handle CSRF tokens without an associated web session ID. Successful exploitation c ... oval:org.secpod.oval:def:58314 The host is installed with Jenkins LTS through 2.176.2 or Jenkins rolling release through 2.191 and is prone to a cross-site request forgery vulnerability. A flaw is present in the application, which fails to properly handle CSRF tokens without an associated web session ID. Successful exploitation c ... oval:org.secpod.oval:def:58817 The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a stored cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in f:expandableTextBox form controls. Successful exploitation cou ... oval:org.secpod.oval:def:58811 The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a stored cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in f:expandableTextBox form controls. Successful exploitation cou ... oval:org.secpod.oval:def:58823 The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a stored cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in f:expandableTextBox form controls. Successful exploitation cou ... oval:org.secpod.oval:def:58818 The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in f:combobox form controls. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:58812 The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in f:combobox form controls. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:58824 The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in f:combobox form controls. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:58813 The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a stored cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in escaping tag name on a tooltip. Successful exploitation could ... oval:org.secpod.oval:def:58819 The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a stored cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in escaping tag name on a tooltip. Successful exploitation could ... oval:org.secpod.oval:def:58825 The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a stored cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in escaping tag name on a tooltip. Successful exploitation could ... oval:org.secpod.oval:def:58820 The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a stored cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in escaping the reason a queue item is blocked in tooltips. Succe ... oval:org.secpod.oval:def:58814 The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a stored cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in escaping the reason a queue item is blocked in tooltips. Succe ... oval:org.secpod.oval:def:58826 The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a stored cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in escaping the reason a queue item is blocked in tooltips. Succe ... oval:org.secpod.oval:def:58821 The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in the WhoAmI URL. Successful exploitation could allow attackers to obta ... oval:org.secpod.oval:def:58815 The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in the WhoAmI URL. Successful exploitation could allow attackers to obta ... oval:org.secpod.oval:def:58827 The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in the WhoAmI URL. Successful exploitation could allow attackers to obta ... oval:org.secpod.oval:def:58816 The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in filtering the values specified by administrators as jenkins root URL. ... oval:org.secpod.oval:def:58828 The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in filtering the values specified by administrators as jenkins root URL. ... oval:org.secpod.oval:def:58822 The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in filtering the values specified by administrators as jenkins root URL. ... oval:org.secpod.oval:def:65207 The host is installed with Jenkins LTS through 2.235.4 or Jenkins rolling release through 2.242 and is prone to a buffer corruption vulnerability. A flaw is present in the application, which fails to properly handle issues in Jetty. Successful exploitation could allow unauthenticated attackers to ob ... oval:org.secpod.oval:def:73690 The host is installed with Jenkins LTS through 2.289.1 or Jenkins rolling release through 2.299 and is prone to an incorrect authorization vulnerability. A flaw is present in the application, which fails to properly handle issues with permission checks. Successful exploitation could allows users to ... oval:org.secpod.oval:def:73691 The host is installed with Jenkins LTS through 2.289.1 or Jenkins rolling release through 2.299 and is prone to a session fixation vulnerability. A flaw is present in the application, which fails to properly handle issues with validation of sessions. Successful exploitation could allows attackers to ... |