VYPR
Medium severity5.3NVD Advisory· Published Oct 5, 2017· Updated Jun 17, 2026

CVE-2017-1000105

CVE-2017-1000105

Description

The optional Run/Artifacts permission can be enabled by setting a Java system property. Blue Ocean did not check this permission before providing access to archived artifacts, Item/Read permission was sufficient.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
io.jenkins.blueocean:blueoceanMaven
<= 1.2.4

Affected products

5
  • cpe:2.3:a:jenkins:blue_ocean:1.2.0:beta-1:*:*:*:jenkins:*:*+ 3 more
    • cpe:2.3:a:jenkins:blue_ocean:1.2.0:beta-1:*:*:*:jenkins:*:*
    • cpe:2.3:a:jenkins:blue_ocean:1.2.0:beta-2:*:*:*:jenkins:*:*
    • cpe:2.3:a:jenkins:blue_ocean:1.2.0:beta-3:*:*:*:jenkins:*:*
    • cpe:2.3:a:jenkins:blue_ocean:*:*:*:*:*:jenkins:*:*range: <=1.1.5

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.