CVE-2015-7539
EUVD-2015-745503.02.2016, 18:59
The Plugins Manager in Jenkins before 1.640 and LTS before 1.625.2 does not verify checksums for plugin files referenced in update site data, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted plugin.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| jenkins | jenkins | 𝑥 ≤ 1.639 |
| jenkins | jenkins | 𝑥 ≤ 1.625.1 |
| redhat | openshift | 2.0 |
| redhat | openshift | 3.1 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Common Weakness Enumeration
References