FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

jenkins -- multiple vulnerabilities

Affected packages
jenkins < 2.356
jenkins-lts < 2.346.1

Details

VuXML ID 25be46f0-f25d-11ec-b62a-00e081b7aa2d
Discovery 2022-06-22
Entry 2022-06-22

Jenkins Security Advisory:

Description

(High) SECURITY-2781 / CVE-2022-34170 (SECURITY-2779), CVE-2022-34171 (SECURITY-2761), CVE-2022-34172 (SECURITY-2776), CVE-2022-34173 (SECURITY-2780)

Multiple XSS vulnerabilities

(Medium) SECURITY-2566 / CVE-2022-34174

Observable timing discrepancy allows determining username validity

(Medium) Unauthorized view fragment access

SECURITY-2777 / CVE-2022-34175

References

CVE Name CVE-2022-34170
CVE Name CVE-2022-34171
CVE Name CVE-2022-34172
CVE Name CVE-2022-34173
CVE Name CVE-2022-34174
CVE Name CVE-2022-34175
URL https://www.jenkins.io/security/advisory/2022-06-22/