Skip to content

TechMedia

Header Image
Author

wpmaster

811184 Posts

Featured

Posted byWpmaster
大規模対戦ACT『Warlander』PS5/XSX版最新情報を公開―新コンテンツ追加やゲーム改善をリリースに向けて開発中
Posted byWpmaster
サウナブームが到来!!「ととのう」を提供するべく新サウナ施設や様々なサウナグッズが登場 (マイライフニュース)
Posted byWpmaster
吉野家HDの24年2月期、営業益34%増 12年ぶり水準 (日本経済新聞)
Posted byWpmaster
【フォト】大規模反攻、夏にずれ込む可能性 ウクライナ首相 (産経新聞)

[org.jenkins-ci.plugins:junit] Jenkins JUnit Plugin subject to Cross-site Scripting via URL conversion

  • Posted inHIGH
  • Posted byWpmaster
  • 11/16/202212/16/2022

JUnit Plugin 1159.v0b_396e1e07dd and earlier converts HTTP(S) URLs in test report output to clickable links.
This is done in an unsafe manner, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure p…

[org.jenkins-ci.plugins:script-security] Whole-script approval in Jenkins Script Security Plugin vulnerable to SHA-1 collisions

  • Posted inHIGH
  • Posted byWpmaster
  • 11/16/202212/16/2022

Script Security Plugin 1189.vb_a_b_7c8fd5fde and earlier stores whole-script approvals as the SHA-1 hash of the approved script. SHA-1 no longer meets the security standards for producing a cryptographically secure message digest.
Script Security Plugi…

[org.jenkins-ci.main:cavisson-ns-nd-integration] SSL/TLS certificate validation unconditionally disabled by Jenkins NS-ND Integration Performance Publisher Plugin

  • Posted inMODERATE
  • Posted byWpmaster
  • 11/16/202212/16/2022

Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.146 and earlier unconditionally disables SSL/TLS certificate and hostname validation for several features. Currently, there are no known workarounds or patches.
References

https://nvd.nist.g…

[org.jenkins-ci.plugins:support-core] Incorrect permission checks in Jenkins Support Core Plugin

  • Posted inMODERATE
  • Posted byWpmaster
  • 11/16/202212/16/2022

Support Core Plugin defines the permission Support/DownloadBundle that allows users without Overall/Administer permission to create and download support bundles containing a limited set of diagnostic information.
Support Core Plugin 1206.v14049fa_b_d86…

[org.jenkins-ci.plugins:naginator] Cross-site Scripting in Jenkins Naginator Plugin

  • Posted inHIGH
  • Posted byWpmaster
  • 11/16/202212/16/2022

Naginator Plugin 1.18.1 and earlier does not escape display names of source builds in builds that were triggered via Retry action.
This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to edit build display nam…

[org.jenkins-ci.plugins:pipeline-utility-steps] Arbitrary file read vulnerability in Jenkins Pipeline Utility Steps Plugin

  • Posted inHIGH
  • Posted byWpmaster
  • 11/16/202212/16/2022

Pipeline Utility Steps Plugin implements a readProperties Pipeline step that supports interpolation of variables using the Apache Commons Configuration library.
Pipeline Utility Steps Plugin 2.13.1 and earlier does not restrict the set of enabled prefi…

[github.com/hashicorp/consul] Missing Authorization in HashiCorp Consul

  • Posted inHIGH
  • Posted byWpmaster
  • 11/16/202211/22/2022

HashiCorp Consul and Consul Enterprise 1.13.0 up to 1.13.3 do not filter cluster filtering’s imported nodes and services for HTTP or RPC endpoints used by the UI. Fixed in 1.14.0.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-3920
https://discu…

【ダイソー】100円で“プロ級の写真”が撮れる!おすすめ撮影グッズをご紹介♪

  • Posted inUncategorized
  • Posted byWpmaster
  • 11/16/2022

ダイソーで買い物中、見つけた『撮影用ライト』。コロナでおうち時間が増え、フリマサイトに手を出している…

コードタクト、デジタル庁の実証調査研究に参加する事業者として採択

  • Posted inUncategorized
  • Posted byWpmaster
  • 11/16/2022

コードタクトは、同社が10月25日に、デジタル庁の「初等中等教育における校務支援システム、学習支援シ…

109シネマズプレミアム新宿、坂本龍一がシアター音響を監修 新宿ミラノ座跡地に来年開業

  • Posted inUncategorized
  • Posted byWpmaster
  • 11/16/2022

東京都新宿区歌舞伎町に2023年4月14日開業予定の「109シネマズプレミアム新宿」の全シアターの音…

Posts navigation

Previous Posts 1 … 81,015 81,016 81,017 81,018 81,019 … 81,119 Next Posts
TechMedia
WordPress theme by componentz

Archives

2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30
Hit enter to search or ESC to close