CPE-8193F0EF-F8A3-4FFA-9300-0FE37F54440D Detail

CPE Details

Jenkins 2.441 - Edition

Vendor

jenkins

Product

jenkins

Version

2.441

Created

2024-02-03
02h17 +00:00

Modified

2024-02-03
02h17 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:jenkins:jenkins:2.441::::-:::

Informations

Vendor

jenkins

Product

jenkins

Version

2.441

Software Edition

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2024-47804	2024-10-02 15h35 +00:00	If an attempt is made to create an item of a type prohibited by `ACL#hasCreatePermission2` or `TopLevelItemDescriptor#isApplicableIn(ItemGroup)` through the Jenkins CLI or the REST API and either of these checks fail, Jenkins 2.478 and earlier, LTS 2.462.2 and earlier creates the item in memory, only deleting it from disk, allowing attackers with Item/Configure permission to save the item to persist it, effectively bypassing the item creation restriction.	4.3	Medium
CVE-2024-47803	2024-10-02 15h35 +00:00	Jenkins 2.478 and earlier, LTS 2.462.2 and earlier does not redact multi-line secret values in error messages generated for form submissions involving the `secretTextarea` form field.	4.3	Medium
CVE-2024-43045	2024-08-07 13h27 +00:00	Jenkins 2.470 and earlier, LTS 2.452.3 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to access other users' "My Views".	6.3	Medium
CVE-2024-43044	2024-08-07 13h27 +00:00	Jenkins 2.470 and earlier, LTS 2.452.3 and earlier allows agent processes to read arbitrary files from the Jenkins controller file system by using the `ClassLoaderProxy#fetchJar` method in the Remoting library.	8.8	High
CVE-2024-23898	2024-01-24 17h52 +00:00	Jenkins 2.217 through 2.441 (both inclusive), LTS 2.222.1 through 2.426.2 (both inclusive) does not perform origin validation of requests made through the CLI WebSocket endpoint, resulting in a cross-site WebSocket hijacking (CSWSH) vulnerability, allowing attackers to execute CLI commands on the Jenkins controller.	8.8	High
CVE-2024-23897	2024-01-24 17h52 +00:00	Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.	9.8	Critical

Jenkins 2.441 - Edition

CPE Details

CPE Name: cpe:2.3:a:jenkins:jenkins:2.441:*:*:*:-:*:*:*

Informations

Vendor

Product

Version

Software Edition

Related CVE

CPE Name: cpe:2.3:a:jenkins:jenkins:2.441::::-:::