oracle communications cloud native core automated test suite 1.9.0 vulnerabilities and exploits

(subscribe to this query)

A unauthorized modification of configuration vulnerability exists in Jenkins 2.132 and previous versions, 2.121.1 and previous versions in User.java that allows malicious users to provide crafted login credentials that cause Jenkins to move the config.xml file from the Jenkins ho...

Jenkins Jenkins Oracle Communications Cloud Native Core Automated Test Suite 1.9.0

A Improper authorization vulnerability exists in Jenkins 2.132 and previous versions, 2.121.1 and previous versions in Queue.java that allows attackers with Overall/Read permission to cancel queued builds.

Jenkins Jenkins Oracle Communications Cloud Native Core Automated Test Suite 1.9.0

A Improper authorization vulnerability exists in Jenkins 2.132 and previous versions, 2.121.1 and previous versions in SlaveComputer.java that allows attackers with Overall/Read permission to initiate agent launches, and abort in-progress agent launches.

Jenkins Jenkins Oracle Communications Cloud Native Core Automated Test Suite 1.9.0

A cross-site scripting vulnerability exists in Jenkins 2.132 and previous versions, 2.121.1 and previous versions in BuildTimelineWidget.java, BuildTimelineWidget/control.jelly that allows attackers with Job/Configure permission to define JavaScript that would be executed in anot...

Jenkins Jenkins Oracle Communications Cloud Native Core Automated Test Suite 1.9.0

A cross-site scripting vulnerability exists in Jenkins 2.132 and previous versions, 2.121.1 and previous versions in the Stapler web framework's org/kohsuke/stapler/Stapler.java that allows attackers with the ability to control the existence of some URLs in Jenkins to define...

Jenkins Jenkins Oracle Communications Cloud Native Core Automated Test Suite 1.9.0

A cross-site request forgery (CSRF) vulnerability in Jenkins 2.329 and previous versions, LTS 2.319.1 and previous versions allows malicious users to trigger build of job without parameters when no security realm is set.

Jenkins Jenkins Oracle Communications Cloud Native Core Automated Test Suite 1.9.0

A arbitrary file read vulnerability exists in Jenkins 2.132 and previous versions, 2.121.1 and previous versions in the Stapler web framework's org/kohsuke/stapler/Stapler.java that allows malicious users to send crafted HTTP requests returning the contents of any file on th...

Jenkins Jenkins Oracle Communications Cloud Native Core Automated Test Suite 1.9.0

1 EDB exploit

Jenkins versions 2.56 and previous versions as well as 2.46.1 LTS and previous versions are vulnerable to an unauthenticated remote code execution. An unauthenticated remote code execution vulnerability allowed malicious users to transfer a serialized Java `SignedObject` object t...

Jenkins Jenkins Oracle Communications Cloud Native Core Automated Test Suite 1.9.0

1 EDB exploit2 Github repositories1 Article

An improper authorization vulnerability exists in Jenkins versions 2.106 and previous versions, and LTS 2.89.3 and previous versions, that allows an malicious user to have Jenkins submit HTTP GET requests and get limited information about the response.

Jenkins Jenkins Oracle Communications Cloud Native Core Automated Test Suite 1.9.0

An improper input validation vulnerability exists in Jenkins versions 2.106 and previous versions, and LTS 2.89.3 and previous versions, that allows an malicious user to access plugin resource files in the META-INF and WEB-INF directories that should not be accessible, if the Jen...

Jenkins Jenkins Oracle Communications Cloud Native Core Automated Test Suite 1.9.0

1 2 3 4 5 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook