Nixpkgs Security Tracker

Login with GitHub

Suggestions search

Untriaged
Filter by:
With package: jenkins

Found 7 matching suggestions

Permalink CVE-2015-1809
updated 2 days, 14 hours ago by @LeSuisse Activity log
  • Created automatic suggestion 2 days, 17 hours ago
  • @LeSuisse removed
    10 packages
    • jenkins-job-builder
    • python312Packages.jenkinsapi
    • python313Packages.jenkinsapi
    • python314Packages.jenkinsapi
    • python312Packages.python-jenkins
    • python313Packages.python-jenkins
    • python314Packages.python-jenkins
    • python312Packages.jenkins-job-builder
    • python313Packages.jenkins-job-builder
    • python314Packages.jenkins-job-builder
    2 days, 14 hours ago
XML external entity (XXE) vulnerability in CloudBees Jenkins before 1.600 …

XML external entity (XXE) vulnerability in CloudBees Jenkins before 1.600 and LTS before 1.596.1 allows remote attackers to read arbitrary XML files via an XPath query.

Affected products

Jenkins
  • ==before 1.600
Jenkins LTS
  • ==before 1.596.1

Matching in nixpkgs

Ignored packages (10)

Package maintainers

Permalink CVE-2015-1811
updated 2 days, 14 hours ago by @LeSuisse Activity log
  • Created automatic suggestion 2 days, 17 hours ago
  • @LeSuisse removed
    10 packages
    • jenkins-job-builder
    • python312Packages.jenkinsapi
    • python313Packages.jenkinsapi
    • python314Packages.jenkinsapi
    • python312Packages.python-jenkins
    • python313Packages.python-jenkins
    • python314Packages.python-jenkins
    • python312Packages.jenkins-job-builder
    • python313Packages.jenkins-job-builder
    • python314Packages.jenkins-job-builder
    2 days, 14 hours ago
XML external entity (XXE) vulnerability in CloudBees Jenkins before 1.600 …

XML external entity (XXE) vulnerability in CloudBees Jenkins before 1.600 and LTS before 1.596.1 allows remote attackers to read arbitrary XML files via a crafted XML document.

Affected products

Jenkins
  • ==before 1.600
Jenkins LTS
  • ==before 1.596.1

Matching in nixpkgs

Ignored packages (10)

Package maintainers

Permalink CVE-2012-4439
updated 2 days, 14 hours ago by @LeSuisse Activity log
  • Created automatic suggestion 3 days, 14 hours ago
  • @LeSuisse removed
    10 packages
    • jenkins-job-builder
    • python312Packages.jenkinsapi
    • python313Packages.jenkinsapi
    • python314Packages.jenkinsapi
    • python312Packages.python-jenkins
    • python313Packages.python-jenkins
    • python314Packages.python-jenkins
    • python312Packages.jenkins-job-builder
    • python313Packages.jenkins-job-builder
    • python314Packages.jenkins-job-builder
    2 days, 14 hours ago
Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS …

Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL that points to Jenkins.

Affected products

jenkins
  • ==1.447.2

Matching in nixpkgs

Ignored packages (10)

Package maintainers

Permalink CVE-2012-4438
updated 2 days, 14 hours ago by @LeSuisse Activity log
  • Created automatic suggestion 3 days, 16 hours ago
  • @LeSuisse removed
    10 packages
    • jenkins-job-builder
    • python312Packages.jenkinsapi
    • python313Packages.jenkinsapi
    • python314Packages.jenkinsapi
    • python312Packages.python-jenkins
    • python313Packages.python-jenkins
    • python314Packages.python-jenkins
    • python312Packages.jenkins-job-builder
    • python313Packages.jenkins-job-builder
    • python314Packages.jenkins-job-builder
    2 days, 14 hours ago
Jenkins main before 1.482 and LTS before 1.466.2 allows remote …

Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers with read access and HTTP access to Jenkins master to insert data and execute arbitrary code.

Affected products

jenkins
  • ==1.447.2

Matching in nixpkgs

Ignored packages (10)

Package maintainers

Permalink CVE-2012-4440
updated 2 days, 14 hours ago by @LeSuisse Activity log
  • Created automatic suggestion 3 days, 16 hours ago
  • @LeSuisse removed
    10 packages
    • jenkins-job-builder
    • python312Packages.jenkinsapi
    • python313Packages.jenkinsapi
    • python314Packages.jenkinsapi
    • python312Packages.python-jenkins
    • python313Packages.python-jenkins
    • python314Packages.python-jenkins
    • python312Packages.jenkins-job-builder
    • python313Packages.jenkins-job-builder
    • python314Packages.jenkins-job-builder
    2 days, 14 hours ago
Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS …

Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML in the Violations plugin.

Affected products

jenkins
  • ==2

Matching in nixpkgs

Ignored packages (10)

Package maintainers

Permalink CVE-2012-4441
updated 2 days, 14 hours ago by @LeSuisse Activity log
  • Created automatic suggestion 3 days, 16 hours ago
  • @LeSuisse removed
    10 packages
    • jenkins-job-builder
    • python312Packages.jenkinsapi
    • python313Packages.jenkinsapi
    • python314Packages.jenkinsapi
    • python312Packages.python-jenkins
    • python313Packages.python-jenkins
    • python314Packages.python-jenkins
    • python312Packages.jenkins-job-builder
    • python313Packages.jenkins-job-builder
    • python314Packages.jenkins-job-builder
    2 days, 14 hours ago
Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS …

Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML in the CI game plugin.

Affected products

jenkins
  • ==1.482

Matching in nixpkgs

Ignored packages (10)

Package maintainers

Permalink CVE-2012-0785
updated 2 days, 14 hours ago by @LeSuisse Activity log
  • Created automatic suggestion 3 days, 20 hours ago
  • @LeSuisse removed
    10 packages
    • jenkins-job-builder
    • python312Packages.jenkinsapi
    • python313Packages.jenkinsapi
    • python314Packages.jenkinsapi
    • python312Packages.python-jenkins
    • python313Packages.python-jenkins
    • python314Packages.python-jenkins
    • python312Packages.jenkins-job-builder
    • python313Packages.jenkins-job-builder
    • python314Packages.jenkins-job-builder
    2 days, 14 hours ago
Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS …

Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Hash DoS attack."

Affected products

Jenkins
  • ==before 1.447
Jenkins LTS
  • ==before 1.424.2
Jenkins Enterprise by CloudBees
  • ==1.400.x before 1.400.0.11
  • ==1.424.x before 1.424.2.1

Matching in nixpkgs

Ignored packages (10)

Package maintainers