FreshPorts - VuXML
This page displays vulnerability information about FreeBSD Ports.
The last vuln.xml file processed by FreshPorts is:
List all Vulnerabilities, by package
List all Vulnerabilities, by date
These are the vulnerabilities relating to the commit you have selected:
|d846af5b-00f4-11e2-b6d0-00e0814cab4e||jenkins -- multiple vulnerabilities|
Jenkins Security Advisory reports:
This advisory announces security vulnerabilities that were found
in Jenkins core and several plugins.
- The first vulnerability in Jenkins core allows unprivileged
users to insert data into Jenkins master, which can lead to
remote code execution. For this vulnerability to be exploited,
the attacker must have an HTTP access to a Jenkins master, and
he must have a read access to Jenkins.
- The second vulnerability in Jenkins core is a cross-site
scripting vulnerability. This allows an attacker to craft an URL
that points to Jenkins, and if a legitimate user clicks this link,
and the attacker will be able to hijack the user session.
- The third vulnerability is a cross-site scripting vulnerability
in the Violations plugin
- The fourth vulnerability is a cross-site scripting vulnerability
in The Continuous Integration Game plugin