Latest Security News about jenkins

Jenkins announces vulnerabilities

Overview : Stored XSS vulnerability in expandable textbox form control SECURITY-1498 / CVE-2019-10401 Jenkins form controls include an expandable textbox that can transform from a single-line text box to a multi-line text area. The implementation of this transformation interpreted the text content of the form field as HTML. This resulted in a cross-site scripting vulnerability […]

Information Disclosure Vulnerability in Jenkins Plugin CVE-2019-1010241

Jenkins Credentials Binding plugin is under attack to an info: disclosure vulnerability. Illigal use of this issue to gain control over sensitive informations that may leed to further attacks. Jenkins Credentials Binding plugin version 1.17 is vulnerable. Bugtraq ID : 109320 Class : Design Error CVE: CVE-2019-1010241 Remote : Yes Local : No Published : […]

Jenkins face Information Disclosure vulnerability

Jenkins Credential binding plugin was found to be prone information -disclosure vulnerability. An attacker can take advantage of this vulnerability and thereby gain access to sensitive information. This may also lead to further attacks. CVE: CVE-2019-1010241 Affected versions ;- Redhat OpenShift Container Platform 4.1 Redhat OpenShift Container Platform 3.9 Redhat OpenShift Container Platform 3.11 Redhat […]