×
AllVideosNewsBooks Images Maps Shopping
Search tools

Configuring Content Security Policy - Jenkins

www.jenkins.io › doc › book › configuri...
To see the ALL CLASSES link when browsing Javadoc without frames, script-src 'unsafe-inline' must also be added to the CSP header. HTML Publisher Plugin. Make ...

Jenkins Security Advisory 2023-09-20

www.jenkins.io › security › advisory
Sep 20, 2023 · Jenkins 2.424, LTS 2.414.2 excludes sensitive variables from this search. Stored XSS vulnerability. SECURITY-3245 / CVE-2023-43495. Severity ( ...

Reporting Security Vulnerabilities - Jenkins

www.jenkins.io › security › reporting
... protection, and cause Jenkins ... If a cookie is Secure on https://ci.jenkins.io, then it's a matter of configuration. ... URLs starting with https://issues.

Rendering User Content - Jenkins

www.jenkins.io › doc › book › security
Resource Root URL. As an alternative to relaxing Content-Security-Policy , administrators can configure Jenkins to serve files from potentially less trusted ...

Jenkins Security Advisory 2023-06-14

www.jenkins.io › security › advisory
Jun 14, 2023 · 3.1 defines the appropriate context for credentials lookup. Stored XSS vulnerability in Maven Repository Server Plugin. SECURITY-3156 / CVE-2023 ...

Jenkins Security Advisory 2023-08-16

www.jenkins.io › security › advisory
Aug 16, 2023 · Blue Ocean Plugin 1.27.5.1 uses the configured SCM URL, instead of a user-specified URL provided as a parameter to the HTTP endpoint. CSRF ...

Jenkins Security Advisory 2023-12-13

www.jenkins.io › security › advisory
Dec 13, 2023 · Scriptler Plugin 342.v6a_89fd40f466 and earlier does not restrict a file name query parameter in an HTTP endpoint. This allows attackers with ...

Jenkins Security Advisory 2023-07-12

www.jenkins.io › security › advisory
Jul 12, 2023 · mabl Plugin 0.0.47 defines the appropriate context for credentials lookup. CSRF vulnerability and missing permission checks in mabl Plugin allow ...

Jenkins Security Advisory 2023-07-26

www.jenkins.io › security › advisory
Jul 26, 2023 · Jenkins 2.416, LTS 2.401.3, and LTS 2.414.1 encode URLs of affected hyperlink annotations in build logs. Incorrect control flow in Gradle Plugin ...

Jenkins Security Advisory 2023-04-12

www.jenkins.io › security › advisory
Apr 12, 2023 · Lucene-Search Plugin; NeuVector Vulnerability Scanner Plugin; Quay.io trigger Plugin; Report Portal Plugin; Thycotic DevOps Secrets Vault Plugin ...