Jenkins Multiple Vulnerabilities
Release Date: 10 May 2024
RISK: Medium Risk
TYPE: Operating Systems - Mobile & Apps
Multiple vulnerabilities were identified in Jenkins. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, sensitive information disclosure, denial of service and security restriction bypass on the targeted system.
Impact
- Remote Code Execution
- Information Disclosure
- Security Restriction Bypass
- Denial of Service
System / Technologies affected
- Git server Plugin up to and including 114.v068a_c7cc2574
- Script Security Plugin up to and including 1335.vf07d9ce377a_e
- Subversion Partial Release Manager Plugin up to and including 1.0.1
- Telegram Bot Plugin up to and including 1.4.0
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
沒有留言:
發佈留言