FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

jenkins -- multiple vulnerabilities

Affected packages
jenkins < 2.160
jenkins-lts < 2.150.2

Details

VuXML ID debf6353-5753-4e9a-b710-a83ecdd743de
Discovery 2019-01-16
Entry 2019-01-16

Jenkins Security Advisory:

Description

(High) SECURITY-868

Administrators could persist access to Jenkins using crafted 'Remember me' cookie

(Medium) SECURITY-901

Deleting a user in an external security realm did not invalidate their session or 'Remember me' cookie

References

URL https://jenkins.io/security/advisory/2019-01-16/