Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.1
CVE-2023-46654
- EPSS 0.09%
- Published 25.10.2023 18:17:40
- Last modified 21.11.2024 08:28:59
Jenkins CloudBees CD Plugin 1.1.32 and earlier follows symbolic links to locations outside of the expected directory during the cleanup process of the 'CloudBees CD - Publish Artifact' post-build step, allowing attackers able to configure jobs to del...
6.5
CVE-2023-46655
- EPSS 0.21%
- Published 25.10.2023 18:17:40
- Last modified 21.11.2024 08:28:59
Jenkins CloudBees CD Plugin 1.1.32 and earlier follows symbolic links to locations outside of the directory from which artifacts are published during the 'CloudBees CD - Publish Artifact' post-build step, allowing attackers able to configure jobs to ...
4.3
CVE-2021-21647
- EPSS 0.16%
- Published 21.04.2021 15:15:08
- Last modified 21.11.2024 05:48:45
Jenkins CloudBees CD Plugin 1.1.21 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Item/Read permission to schedule builds of projects without having Item/Build permission.
1