Directly using Runtime#exec and similar Java APIs is usually a bug and can in some cases constitute a security vulnerability: While users with the permissions ...
This throws an exception if the user accessing this URL doesn't have Administer permission. If the administrator configured no security mechanism, the ...
It is defined by the Jenkins URL specified in the global configuration. --httpsListenAddress=$HTTPS_HOST. Binds Jenkins to listen for HTTPS requests on the IP ...
Jul 12, 2023 · This allows attackers to perform phishing attacks by having users go to a Jenkins URL that will forward them to a different site after ...
Missing: misc/ | Show results with:misc/
Sep 6, 2023 · This advisory announces vulnerabilities in the following Jenkins deliverables: Assembla Auth Plugin · AWS CodeCommit Trigger Plugin ...
Missing: misc/ | Show results with:misc/
Oct 25, 2023 · This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. GitHub Plugin 1.37.
Mar 8, 2023 · This advisory announces vulnerabilities in the following Jenkins deliverables: Jenkins (core); update-center2. Descriptions. XSS vulnerability ...
Missing: misc/ | Show results with:misc/
Jun 14, 2023 · As of publication of this advisory, we are aware of insufficiently escaped context menu URLs for label expressions, allowing attackers with Item ...
Jan 24, 2023 · This vulnerability allows attackers to rebuild previous builds triggered by Gerrit. Gerrit Trigger Plugin 2.38.1 requires POST requests for the ...
Missing: misc/ | Show results with:misc/
May 16, 2023 · This advisory announces vulnerabilities in the following Jenkins deliverables: Ansible Plugin · AppSpider Plugin · Azure VM Agents Plugin ...
Missing: misc/ | Show results with:misc/