FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-29 10:45:39 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
1ee26d45-6ddb-11ee-9898-00e081b7aa2d	jenkins -- HTTP/2 denial of service vulnerability in bundled Jetty Jenkins Security Advisory: Description (High) SECURITY-3291 / CVE-2023-36478, CVE-2023-44487 HTTP/2 denial of service vulnerability in bundled Jetty Discovery 2023-10-18 Entry 2023-10-18 jenkins < 2.428 jenkins-lts < 2.414.3 CVE-2023-36478 CVE-2023-44487 https://www.jenkins.io/security/advisory/2023-10-18/
a0321b74-031d-485c-bb76-edd75256a6f0	jenkins -- Stored XSS vulnerability Jenkins Security Advisory: Description (High) SECURITY-3188 / CVE-2023-39151 Stored XSS vulnerability Discovery 2023-07-26 Entry 2023-07-26 jenkins < 2.416 jenkins-lts < 2.401.3 CVE-2023-39151 https://www.jenkins.io/security/advisory/2023-07-26/
f68bb358-be8e-11ed-9215-00e081b7aa2d	jenkins -- multiple vulnerabilities Jenkins Security Advisory: Description (High) SECURITY-3037 / CVE-2023-27898 XSS vulnerability in plugin manager (Medium) SECURITY-3030 / CVE-2023-24998 (upstream issue), CVE-2023-27900 (MultipartFormDataParser), CVE-2023-27901 (StaplerRequest) DoS vulnerability in bundled Apache Commons FileUpload library (Medium) SECURITY-1807 / CVE-2023-27902 Workspace temporary directories accessible through directory browser (Low) SECURITY-3058 / CVE-2023-27903 Temporary file parameter created with insecure permissions (Low) SECURITY-2120 / CVE-2023-27904 Information disclosure through error stack traces related to agents Discovery 2023-03-08 Entry 2023-03-09 jenkins < 2.394 jenkins-lts < 2.387.1 CVE-2023-27898 CVE-2023-24998 CVE-2023-27900 CVE-2023-27901 CVE-2023-27902 CVE-2023-27903 CVE-2023-27904 https://www.jenkins.io/security/advisory/2023-03-08/
402fccd0-5b6d-11ee-9898-00e081b7aa2d	jenkins -- multiple vulnerabilities Jenkins Security Advisory: Description (Medium) SECURITY-3261 / CVE-2023-43494 Builds can be filtered by values of sensitive build variables (High) SECURITY-3245 / CVE-2023-43495 Stored XSS vulnerability (High) SECURITY-3072 / CVE-2023-43496 Temporary plugin file created with insecure permissions (Low) SECURITY-3073 / CVE-2023-43497 (Stapler), CVE-2023-43498 (MultipartFormDataParser) Temporary uploaded file created with insecure permissions Discovery 2023-09-20 Entry 2023-09-25 jenkins < 2.424 jenkins-lts < 2.414.2 CVE-2023-43494 CVE-2023-43495 CVE-2023-43496 CVE-2023-43497 https://www.jenkins.io/security/advisory/2023-09-20/
25be46f0-f25d-11ec-b62a-00e081b7aa2d	jenkins -- multiple vulnerabilities Jenkins Security Advisory: Description (High) SECURITY-2781 / CVE-2022-34170 (SECURITY-2779), CVE-2022-34171 (SECURITY-2761), CVE-2022-34172 (SECURITY-2776), CVE-2022-34173 (SECURITY-2780) Multiple XSS vulnerabilities (Medium) SECURITY-2566 / CVE-2022-34174 Observable timing discrepancy allows determining username validity (Medium) Unauthorized view fragment access SECURITY-2777 / CVE-2022-34175 Discovery 2022-06-22 Entry 2022-06-22 jenkins < 2.356 jenkins-lts < 2.346.1 CVE-2022-34170 CVE-2022-34171 CVE-2022-34172 CVE-2022-34173 CVE-2022-34174 CVE-2022-34175 https://www.jenkins.io/security/advisory/2022-06-22/
0b0ad196-1ee8-4a98-89b1-4d5d82af49a9	jenkins -- DoS vulnerability in bundled XStream library Jenkins Security Advisory: Description (Medium) SECURITY-2602 / CVE-2021-43859 (upstream issue), CVE-2022-0538 (Jenkins-specific converters) DoS vulnerability in bundled XStream library Discovery 2022-02-09 Entry 2022-02-10 jenkins < 2.334 jenkins-lts < 2.319.3 CVE-2021-43859 CVE-2022-0538 https://www.jenkins.io/security/advisory/2022-02-09/
672eeea9-a070-4f88-b0f1-007e90a2cbc3	jenkins -- multiple vulnerabilities Jenkins Security Advisory: Description (Medium) SECURITY-2558 / CVE-2022-20612 CSRF vulnerability in build triggers Discovery 2022-01-12 Entry 2022-01-12 jenkins < 2.330 jenkins-lts < 2.319.2 CVE-2022-20612 https://www.jenkins.io/security/advisory/2022-01-12/
b4db7d78-bb62-4f4c-9326-6e9fc2ddd400	jenkins -- CSRF protection bypass vulnerability Jenkins Security Advisory: Description (High) SECURITY-3135 / CVE-2023-35141 CSRF protection bypass vulnerability Discovery 2023-06-14 Entry 2023-06-14 jenkins < 2.400 jenkins-lts < 2.401.1 CVE-2023-35141 https://www.jenkins.io/security/advisory/2023-06-14/
8b03d274-56ca-489e-821a-cf32f07643f0	jenkins -- multiple vulnerabilities Jenkins Security Advisory: Description (Critical) SECURITY-3314 / CVE-2024-23897 Arbitrary file read vulnerability through the CLI can lead to RCE Description (High) SECURITY-3315 / CVE-2024-23898 Cross-site WebSocket hijacking vulnerability in the CLI Discovery 2024-01-24 Entry 2024-01-24 jenkins < 2.422 jenkins-lts < 2.426.3 CVE-2024-23897 CVE-2024-23898 https://www.jenkins.io/security/advisory/2024-01-24/