Jenkins 2.393 and earlier, LTS 2.375.3 and earlier shows temporary directories related to job workspaces, which allows attackers with Item/Workspace permission to access their contents.

Jenkins 2.393 and earlier, LTS 2.375.3 and earlier uses the Apache Commons FileUpload library without specifying limits for the number of request parts introduced in version 1.5 for CVE-2023-24998 in org.kohsuke.stapler.RequestImpl, allowing attackers to trigger a denial of service.

The host is installed with Jenkins LTS through 2.375.3 or Jenkins rolling through 2.329 and is prone to a stored cross-site scripting vulnerability. A flaw is present in the application, which fails to handle issues in Apache Commons FileUpload library. Successful exploitation could allow attackers to cause a denial of service (DoS) by sending crafted requests to HTTP endpoints processing file upl ...

The host is installed with Jenkins LTS through 2.375.3 or Jenkins rolling through 2.329 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle issues in Apache Commons FileUpload library. Successful exploitation could allow attackers to cause a denial of service (DoS) by sending crafted requests to HTTP endpoints processing file uploads.

Jenkins 2.393 and earlier, LTS 2.375.3 and earlier uses the Apache Commons FileUpload library without specifying limits for the number of request parts introduced in version 1.5 for CVE-2023-24998 in hudson.util.MultipartFormDataParser, allowing attackers to trigger a denial of service.

Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions for newly created files when uploading a plugin for installation, potentially allowing attackers with access to the Jenkins controller file system to read and write the file before it is used, potentially resulting in arbitrary code execution.

The host is installed with Jenkins LTS through 2.375.3 or Jenkins rolling through 2.329 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle issues in unspecified vectors. Successful exploitation could allow attackers to read and write the file on the Jenkins controller file system before it is used.


© SecPod Technologies