FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-05-02 10:37:19 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
5d374fbb-bae3-45db-afc0-795684ac7353	jenkins -- Path traversal vulnerability allows access to files outside plugin resources Jenkins developers report: Jenkins did not properly prevent specifying relative paths that escape a base directory for URLs accessing plugin resource files. This allowed users with Overall/Read permission to download files from the Jenkins master they should not have access to. Discovery 2018-02-14 Entry 2018-02-14 jenkins le 2.106 jenkins-lts le 2.89.3 https://jenkins.io/security/advisory/2018-02-14/ https://jenkins.io/blog/2018/02/14/security-updates/ CVE-2018-6356

VuXML ID

Description

5d374fbb-bae3-45db-afc0-795684ac7353

jenkins -- Path traversal vulnerability allows access to files outside plugin resources

Jenkins developers report:

Jenkins did not properly prevent specifying relative paths that escape a base directory for URLs accessing plugin resource files. This allowed users with Overall/Read permission to download files from the Jenkins master they should not have access to.

Discovery 2018-02-14
Entry 2018-02-14
jenkins

le 2.106

jenkins-lts

le 2.89.3

https://jenkins.io/security/advisory/2018-02-14/
https://jenkins.io/blog/2018/02/14/security-updates/
CVE-2018-6356