Download
| Alert*
oval:org.secpod.oval:def:54580
Jenkins rolling release is installed oval:org.secpod.oval:def:54578 The host is installed with Jenkins LTS before 2.138.2 or Jenkins rolling release before 2.146 is prone to a remote code execution vulnerability. The flaw is present in the application, which fails to properly handle an issue in Stapler web framework. Successful exploitation allow attackers to obtain ... oval:org.secpod.oval:def:62817 The host is installed with Jenkins LTS through 2.204.5 or Jenkins rolling release through 2.227 and is prone to a cross-site-request-forgery vulnerability. A flaw is present in the application, which fails to properly handle crafted URLs. Successful exploitation could allow attackers to bypass CSRF ... oval:org.secpod.oval:def:62814 The host is installed with Jenkins LTS through 2.204.5 or Jenkins rolling release through 2.227 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in HTML content of list view column headers. Successful exploitation cou ... oval:org.secpod.oval:def:62816 The host is installed with Jenkins LTS through 2.204.5 or Jenkins rolling release through 2.227 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in form validation for label expressions on job configuration pages. Suc ... oval:org.secpod.oval:def:62815 The host is installed with Jenkins LTS through 2.204.5 or Jenkins rolling release through 2.227 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in file uploads in file parameters. Successful exploitation could allow ... oval:org.secpod.oval:def:77047 The host is installed with Jenkins LTS through 2.303.1 or Jenkins rolling release through 2.314 and is prone to a path traversal vulnerability. A flaw is present in the application, which fails to interpret the absolute paths of the files. Successful exploitation allows attackers with Overall/Read p ... oval:org.secpod.oval:def:77046 The host is installed with Jenkins LTS through 2.303.1 or Jenkins rolling release through 2.314 and is prone to a path equivalence vulnerability. A flaw is present in the application, which fails to validate names of jobs and other entities with a trailing dot character. Successful exploitation coul ... oval:org.secpod.oval:def:55564 The host is installed with Jenkins LTS before 1.642.2 or Jenkins rolling release before 1.650 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle an issue in the remoting module. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:55565 The host is installed with Jenkins LTS before 1.642.2 or Jenkins rolling release before 1.650 and is prone to a CLRF injection vulnerability. A flaw is present in the application, which fails to properly handle an issue in CLI command documentation. Successful exploitation could allow attackers to i ... oval:org.secpod.oval:def:55566 The host is installed with Jenkins LTS before 1.642.2 or Jenkins rolling release before 1.650 and is prone to a brute force attack vulnerability. A flaw is present in the application, which fails to properly handle the usage of algorithm to verify API tokens. Successful exploitation could allow atta ... oval:org.secpod.oval:def:55567 The host is installed with Jenkins LTS before 1.642.2 or Jenkins rolling release before 1.650 and is prone to a brute force attack vulnerability. A flaw is present in the application, which fails to properly handle the usage of algorithm to verify CSRF tokens. Successful exploitation could allow att ... oval:org.secpod.oval:def:55568 The host is installed with Jenkins LTS before 1.642.2 or Jenkins rolling release before 1.650 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle multiple uspecified API endpoints. Successful exploitation could allow remote ... oval:org.secpod.oval:def:55569 The host is installed with Jenkins LTS before 1.651.2 or Jenkins rolling release before 2.3 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle issues in build environment. Successful exploitation could allow remote authenti ... oval:org.secpod.oval:def:55570 The host is installed with Jenkins LTS before 1.651.2 or Jenkins rolling release before 2.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle users with multiple accounts. Successful exploitation could allow attackers to cause a d ... oval:org.secpod.oval:def:55571 The host is installed with Jenkins LTS before 1.651.2 or Jenkins rolling release before 2.3 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle permission issues. Successful exploitation could allow attackers to obtain sensiti ... oval:org.secpod.oval:def:55572 The host is installed with Jenkins LTS before 1.651.2 or Jenkins rolling release before 2.3 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle permission issues. Successful exploitation could allow remote authenticated users ... oval:org.secpod.oval:def:55573 The host is installed with Jenkins LTS before 1.651.2 or Jenkins rolling release before 2.3 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle a missing permissions check. Successful exploitation could allow remote authenticated us ... oval:org.secpod.oval:def:55574 The host is installed with Jenkins LTS before 1.651.2 or Jenkins rolling release before 2.3 and is prone to multiple open redirect vulnerabilities. The flaws are present in the application, which fails to properly handle scheme-relative URLs. Successful exploitation could allow remote attackers to r ... oval:org.secpod.oval:def:55575 The host is installed with Jenkins LTS before 1.651.2 or Jenkins rolling release before 2.3 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle issues in the API URL. Successful exploitation could allow remote authenticated us ... oval:org.secpod.oval:def:55576 The host is installed with Jenkins LTS before 2.19.3 or Jenkins rolling release before 2.32 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle crafted serialized java object. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:55577 The host is installed with Jenkins LTS through 2.46.1 or Jenkins rolling release through 2.56 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle a SignedObject object. Successful exploitation allows remote attackers to carry ou ... oval:org.secpod.oval:def:55578 The host is installed with Jenkins LTS through 2.46.1 or Jenkins rolling release through 2.56 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle an issue in the login command. Successful exploitation could allow attackers to imp ... oval:org.secpod.oval:def:55579 The host is installed with Jenkins LTS through 2.46.1 or Jenkins rolling release through 2.56 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an issue in instantiation of void. Successful exploitation could allow attackers to ca ... oval:org.secpod.oval:def:55580 The host is installed with Jenkins LTS through 2.46.1 or Jenkins rolling release through 2.56 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle an issue in the user database. Successful exploitation could allow attackers to cau ... oval:org.secpod.oval:def:55581 The host is installed with Jenkins LTS through 2.73.2 or Jenkins rolling release through 2.88 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle input validation issues. Successful exploitation could allow attackers to overwrite ... oval:org.secpod.oval:def:55582 The host is installed with Jenkins LTS through 2.73.2 or Jenkins rolling release through 2.88 and is prone to a persistent cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle input validation issues. Successful exploitation could allow attackers t ... oval:org.secpod.oval:def:55583 The host is installed with Jenkins LTS through 2.73.1 or Jenkins rolling release through 2.83 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle permission issues. Successful exploitation could allow attackers to run arbitr ... oval:org.secpod.oval:def:55584 The host is installed with Jenkins LTS through 2.73.1 or Jenkins rolling release through 2.83 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an issue in commons-fileupload library. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:55585 The host is installed with Jenkins LTS through 2.73.1 or Jenkins rolling release through 2.83 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle issues in user/(username)/api remote API. Successful exploitation could allow at ... oval:org.secpod.oval:def:55586 The host is installed with Jenkins LTS through 2.73.1 or Jenkins rolling release through 2.83 and is prone to a man-in-the-middle-attack vulnerability. A flaw is present in the application, which fails to properly handle an issue in the commons-httpclient library. Successful exploitation could allow ... oval:org.secpod.oval:def:55587 The host is installed with Jenkins LTS through 2.73.1 or Jenkins rolling release through 2.83 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an issue in /computer/(agent-name)/api. Successful exploitation could allow atta ... oval:org.secpod.oval:def:55588 The host is installed with Jenkins LTS through 2.73.1 or Jenkins rolling release through 2.83 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an isuee in /queue/item/(ID)/api. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:55589 The host is installed with Jenkins LTS through 2.73.1 or Jenkins rolling release through 2.83 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an issue in /job/(job-name)/api. Successful exploitation could allow attackers t ... oval:org.secpod.oval:def:55590 The host is installed with Jenkins LTS through 2.73.1 or Jenkins rolling release through 2.83 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an issue in form validation AJAX GET requests. Successful exploitation could all ... oval:org.secpod.oval:def:55591 The host is installed with Jenkins LTS through 2.89.1 or Jenkins rolling release from 2.81 through 2.94 and is prone to a race condition vulnerability. A flaw is present in the application, which fails to properly handle a startup issue. Successful exploitation could allow attackers to cause a failu ... oval:org.secpod.oval:def:55592 The host is installed with Jenkins LTS through 2.89.1 or Jenkins rolling release through 2.94 and is prone to a race condition vulnerability. A flaw is present in the application, which fails to properly handle a startup issue. Successful exploitation could allow attackers to disable Cross-Site Requ ... oval:org.secpod.oval:def:55593 The host is installed with Jenkins LTS before 2.32.2 or Jenkins rolling release before 2.44 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an issue in AES ECB block cipher mode. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:55594 The host is installed with Jenkins LTS before 2.32.2 or Jenkins rolling release before 2.44 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle permission checks. Successful exploitation could allow attackers to create new items ... oval:org.secpod.oval:def:55595 The host is installed with Jenkins LTS before 2.32.2 or Jenkins rolling release before 2.44 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle an issue in remote API. Successful exploitation could allow attackers to view node mo ... oval:org.secpod.oval:def:55596 The host is installed with Jenkins LTS before 2.32.2 or Jenkins rolling release before 2.44 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in parameter names and descriptions. Successful exploitation could allow att ... oval:org.secpod.oval:def:55597 The host is installed with Jenkins LTS before 2.32.2 or Jenkins rolling release before 2.44 and is prone to a privilege vulnerability. A flaw is present in the application, which fails to properly handle an issue in blacklisting of pipeline metadata files.Successful exploitation could allow attacker ... oval:org.secpod.oval:def:55598 The host is installed with Jenkins LTS before 2.32.2 or Jenkins rolling release before 2.44 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an issue in config.xml API. Successful exploitation could allow attackers to obtai ... oval:org.secpod.oval:def:55599 The host is installed with Jenkins LTS before 2.32.2 or Jenkins rolling release before 2.44 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle permission checks. Successful exploitation could allow attackers to cause unauthorize ... oval:org.secpod.oval:def:55600 The host is installed with Jenkins LTS before 2.32.2 or Jenkins rolling release before 2.44 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an issue in the internal API. Successful exploitation could allow attackers to obt ... oval:org.secpod.oval:def:55601 The host is installed with Jenkins LTS before 2.32.2 or Jenkins rolling release before 2.44 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in console notes. Successful exploitation could allow attackers to cause una ... oval:org.secpod.oval:def:55602 The host is installed with Jenkins LTS before 2.32.2 or Jenkins rolling release before 2.44 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to properly handle in XSTREAM APIs. Successful exploitation could allow attackers to cause disruption o ... oval:org.secpod.oval:def:55603 The host is installed with Jenkins LTS before 2.32.2 or Jenkins rolling release before 2.44 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an issue in search suggestions. Successful exploitation could allow attackers to o ... oval:org.secpod.oval:def:55604 The host is installed with Jenkins LTS before 2.32.2 or Jenkins rolling release before 2.44 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in search suggestions. Successful exploitation could allow attackers to caus ... oval:org.secpod.oval:def:55605 The host is installed with Jenkins LTS before 2.32.2 or Jenkins rolling release before 2.44 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle permission checks. Successful exploitation could allow attackers to trigger backgroun ... oval:org.secpod.oval:def:55606 The host is installed with Jenkins LTS before 2.32.2 or Jenkins rolling release before 2.44 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle permission checks. Successful exploitation could allow attackers to cause disruption ... oval:org.secpod.oval:def:55607 The host is installed with Jenkins LTS before 2.32.2 or Jenkins rolling release before 2.44 and is prone to a CSRF vulnerability. A flaw is present in the application, which fails to properly handle an issue in GET requests. Successful exploitation could allow attackers to cause unauthorized modific ... oval:org.secpod.oval:def:55608 The host is installed with Jenkins LTS through 2.89.3 or Jenkins rolling release through 2.106 and is prone to an improper authorization vulnerability. A flaw is present in the application, which fails to properly handle improper authorizations. Successful exploitation could allow attackers to an at ... oval:org.secpod.oval:def:55609 The host is installed with Jenkins LTS through 2.89.3 or Jenkins rolling release through 2.106 and is prone to an improper authorization vulnerability. A flaw is present in the application, which fails to properly handle improper input validation. Successful exploitation could allow attackers to acc ... oval:org.secpod.oval:def:55610 The host is installed with Jenkins LTS through 2.107.1 or Jenkins rolling release through 2.115 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an issue in CLICommand.java and ViewOptionHandler.java. Successful exploitatio ... oval:org.secpod.oval:def:55611 The host is installed with Jenkins LTS through 2.107.1 or Jenkins rolling release through 2.115 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in onfirmationList.jelly and stopButton.jelly. Successful exploitation c ... oval:org.secpod.oval:def:55612 The host is installed with Jenkins LTS through 2.107.2 or Jenkins rolling release through 2.120 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an issue in AboutJenkins.java. Successful exploitation could allow attackers t ... oval:org.secpod.oval:def:55613 The host is installed with Jenkins LTS through 2.107.2 or Jenkins rolling release through 2.120 and is prone to an improper neutralization of control sequences vulnerability. A flaw is present in the application, which fails to properly handle an issue in neutralization of control sequences. Success ... oval:org.secpod.oval:def:55614 The host is installed with Jenkins LTS through 2.107.2 or Jenkins rolling release through 2.120 and is prone to an path traversal vulnerability. A flaw is present in the application, which fails to properly handle an issue in FilePath.java and SoloFilePathFilter.java. Successful exploitation could a ... oval:org.secpod.oval:def:55615 The host is installed with Jenkins LTS through 2.107.2 or Jenkins rolling release through 2.120 and is prone to a CSRF vulnerability. A flaw is present in the application, which fails to properly handle an issue in ZipExtractionInstaller.java. Successful exploitation could allow attackers to have Je ... oval:org.secpod.oval:def:55616 The host is installed with Jenkins LTS through 2.138.1 or Jenkins rolling release through 2.145 and is prone to a path traversal vulnerability. A flaw is present in the application, which fails to properly handle an issue in core/src/main/java/hudson/model/FileParameterValue.java. Successful exploit ... oval:org.secpod.oval:def:55617 The host is installed with Jenkins LTS through 2.138.1 or Jenkins rolling release through 2.145 and is prone to an cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in core/src/main/java/hudson/model/Api.java. Successful exploitation co ... oval:org.secpod.oval:def:55618 The host is installed with Jenkins LTS through 2.138.1 or Jenkins rolling release through 2.145 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an issue in core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java. Succ ... oval:org.secpod.oval:def:55619 The host is installed with Jenkins LTS through 2.138.1 or Jenkins rolling release through 2.145 and is prone to a session fixation vulnerability. A flaw is present in the application, which fails to properly handle an issue in core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java. Succe ... oval:org.secpod.oval:def:55620 The host is installed with Jenkins LTS through 2.138.3 or Jenkins rolling release through 2.153 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an issue in DirectoryBrowserSupport.java. Successful exploitation could allow ... oval:org.secpod.oval:def:55621 The host is installed with Jenkins LTS through 2.138.3 or Jenkins rolling release through 2.153 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle crafted user names. Successful exploitation could allow attackers to submit crafted ... oval:org.secpod.oval:def:55622 The host is installed with Jenkins LTS through 2.138.3 or Jenkins rolling release through 2.153 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an issue in crontab.java. Successful exploitation could allow attackers with overall ... oval:org.secpod.oval:def:55623 The host is installed with Jenkins LTS through 2.138.1 or Jenkins rolling release through 2.145 and is prone to a path traversal vulnerability. A flaw is present in the application, which fails to properly handle issues in multiple library files. Successful exploitation could allow attackers to rend ... oval:org.secpod.oval:def:55624 The host is installed with Jenkins LTS through 2.121.1 or Jenkins rolling release through 2.132 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle crafted login credentials. Successful exploitation could allow attackers to obtai ... oval:org.secpod.oval:def:55625 The host is installed with Jenkins LTS through 2.121.1 or Jenkins rolling release through 2.132 and is prone to an arbitrary file read vulnerability. A flaw is present in the application, which fails to properly handle crafted http requests. Successful exploitation could allow attackers to send craf ... oval:org.secpod.oval:def:55626 The host is installed with Jenkins LTS through 2.121.1 or Jenkins rolling release through 2.132 and is prone to an improper authorization vulnerability. A flaw is present in the application, which fails to properly handle an issue in Queue.java. Successful exploitation could allow attackers with ove ... oval:org.secpod.oval:def:55627 The host is installed with Jenkins LTS through 2.121.1 or Jenkins rolling release through 2.132 and is prone to an improper authorization vulnerability. A flaw is present in the application, which fails to properly handle an issue in SlaveComputer.java. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:55628 The host is installed with Jenkins LTS through 2.121.1 or Jenkins rolling release through 2.132 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in BuildTimelineWidget.java. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:55629 The host is installed with Jenkins LTS through 2.121.1 or Jenkins rolling release through 2.132 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an issue in Plugin.java. Successful exploitation could allow attackers to dete ... oval:org.secpod.oval:def:55630 The host is installed with Jenkins LTS through 2.121.1 or Jenkins rolling release through 2.132 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in org/kohsuke/stapler/Stapler.java. Successful exploitation could allow ... oval:org.secpod.oval:def:55631 The host is installed with Jenkins LTS through 2.121.2 or Jenkins rolling release through 2.137 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an issue in XStream2.java. Successful exploitation could allow attackers to ha ... oval:org.secpod.oval:def:55632 The host is installed with Jenkins LTS through 2.121.2 or Jenkins rolling release through 2.137 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an issue in BasicAuthenticationFilter.java. Successful exploitation could allow atta ... oval:org.secpod.oval:def:55633 The host is installed with Jenkins LTS through 2.121.2 or Jenkins rolling release through 2.137 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle an issue in CronTab.java. Successful exploitation could allow attackers with overall ... oval:org.secpod.oval:def:55634 The host is installed with Jenkins LTS through 2.121.2 or Jenkins rolling release through 2.137 and is prone to an improper authentication vulnerability. A flaw is present in the application, which fails to properly handle issues in SecurityRealm.java and TokenBasedRememberMeServices2.java. Successf ... oval:org.secpod.oval:def:55635 The host is installed with Jenkins LTS through 2.121.2 or Jenkins rolling release through 2.137 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle an issue in Computer.java. Successful exploitation could allow attackers with ... oval:org.secpod.oval:def:55636 The host is installed with Jenkins LTS through 2.121.2 or Jenkins rolling release through 2.137 and is prone to an improper autorization vulnerability. A flaw is present in the application, which fails to properly handle an issue in UpdateCenter.java. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:55637 The host is installed with Jenkins LTS before 2.89.4 or Jenkins rolling release before 2.107 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle an issue in input validation. Successful exploitation could allow attackers with Ove ... oval:org.secpod.oval:def:55638 The host is installed with Jenkins LTS through 2.150.1 or Jenkins rolling release through 2.158 and is prone to an improper authorization vulnerability. A flaw is present in the application, which fails to properly handle an issue in core/src/main/java/hudson/security/TokenBasedRememberMeServices2.j ... oval:org.secpod.oval:def:55639 The host is installed with Jenkins LTS through 2.150.1 or Jenkins rolling release through 2.158 and is prone to an improper authorization vulnerability. A flaw is present in the application, which fails to properly handle an issue in core/src/main/java/hudson/security/AuthenticationProcessingFilter2 ... oval:org.secpod.oval:def:55640 The host is installed with Jenkins LTS through 2.164.1 or Jenkins rolling release through 2.171 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle an issue in CLI authentication. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:55641 The host is installed with Jenkins LTS through 2.164.1 or Jenkins rolling release through 2.171 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in URL validation. Successful exploitation could allow attackers to allo ... oval:org.secpod.oval:def:58778 The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a stored cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in f:expandableTextBox form controls. Successful exploitation cou ... oval:org.secpod.oval:def:58779 The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in f:combobox form controls. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:58780 The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a stored cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in escaping tag name on a tooltip. Successful exploitation could ... oval:org.secpod.oval:def:58781 The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a stored cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in escaping the reason a queue item is blocked in tooltips. Succe ... oval:org.secpod.oval:def:58782 The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in the WhoAmI URL. Successful exploitation could allow attackers to obta ... oval:org.secpod.oval:def:58783 The host is installed with Jenkins LTS through 2.176.3 or Jenkins rolling release through 2.196 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in filtering the values specified by administrators as jenkins root URL. ... oval:org.secpod.oval:def:73664 The host is installed with Jenkins LTS through 2.289.1 or Jenkins rolling release through 2.299 and is prone to an incorrect authorization vulnerability. A flaw is present in the application, which fails to properly handle issues with permission checks. Successful exploitation could allows users to ... oval:org.secpod.oval:def:73665 The host is installed with Jenkins LTS through 2.289.1 or Jenkins rolling release through 2.299 and is prone to a session fixation vulnerability. A flaw is present in the application, which fails to properly handle issues with validation of sessions. Successful exploitation could allows attackers to ... oval:org.secpod.oval:def:88174 The host is installed with Jenkins LTS 2.277.1 through 2.375.3 or Jenkins rolling 2.270 through 2.329 and is prone to a stored cross-site scripting vulnerability. A flaw is present in the application, which fails to handle issues in unspecified vectors. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:88175 The host is installed with Jenkins LTS through 2.375.3 or Jenkins rolling through 2.329 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle issues in unspecified vectors. Successful exploitation could allow attackers to read and writ ... oval:org.secpod.oval:def:88176 The host is installed with Jenkins LTS through 2.375.3 or Jenkins rolling through 2.329 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle issues in Apache Commons FileUpload library. Successful exploitation could allow attackers to cause a ... oval:org.secpod.oval:def:88177 The host is installed with Jenkins LTS through 2.375.3 or Jenkins rolling through 2.329 and is prone to a stored cross-site scripting vulnerability. A flaw is present in the application, which fails to handle issues in Apache Commons FileUpload library. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:88178 The host is installed with Jenkins LTS through 2.375.3 or Jenkins rolling through 2.329 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle issues in unspecified vectors. On successful exploitation, application shows temporary director ... oval:org.secpod.oval:def:88179 The host is installed with Jenkins LTS through 2.375.3 or Jenkins rolling through 2.329 and is prone to a information disclosure vulnerability. A flaw is present in the application, which fails to handle issues in unspecified vectors. On successful exploitation, application prints an error stack tra ... oval:org.secpod.oval:def:89169 The host is installed with Jenkins LTS through 2.375.3 or Jenkins rolling through 2.393 and is prone to a stored cross-site scripting vulnerability. A flaw is present in the application, which fails to handle issues in unspecified vectors. Successful exploitation could allow attackers to cause unspe ... |