Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up
Jenkins project

jenkins_cloudbees_cd

5 Versions 3 CVEs

Versions

unspecified

OTHER 1 CVE

1.1.18.1

OTHER 1 CVE

1.1.21

SEMANTIC 1 CVE

0

SINGLE_NUMBER 2 CVEs

1.1.32

SEMANTIC 2 CVEs

Recent CVEs

CVE-2023-46655

Jenkins CloudBees CD Plugin 1.1.32 and earlier follows symbolic links to locations outside of the directory from which artifacts are published during the 'CloudBees CD - Publish Artifact' post-build step, allowing attackers able to configure jobs to publish arbitrary files from the Jenkins controller file system to the previously configured CloudBees CD server.

UNKNOWN Oct 25, 2023

CVE-2023-46654

Jenkins CloudBees CD Plugin 1.1.32 and earlier follows symbolic links to locations outside of the expected directory during the cleanup process of the 'CloudBees CD - Publish Artifact' post-build step, allowing attackers able to configure jobs to delete arbitrary files on the Jenkins controller file system.

UNKNOWN Oct 25, 2023

CVE-2021-21647

Jenkins CloudBees CD Plugin 1.1.21 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Item/Read permission to schedule builds of projects without having Item/Build permission.

UNKNOWN Apr 21, 2021