<´╗┐img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=112631&fmt=gif" />

WIND RIVER SECURITY CENTER

Wind River is committed to active threat monitoring, rapid assessment, proactive customer notification, and timely fixes. This page brings together useful resources to help you navigate an evolving threat landscape.

cve Resources

Access our searchable database of Common Vulnerabilities and Exposures (CVEs).

Search the database

Recent CVEs

  • CVE-2018-1999047 | 2018-08-23

    A improper authorization vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in UpdateCenter.java that allows attackers to cancel a Jenkins restart scheduled through the update center.

  • CVE-2018-1999046 | 2018-08-23

    A exposure of sensitive information vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in Computer.java that allows attackers With Overall/Read permission to access the connection log for any agent.

  • CVE-2018-1999045 | 2018-08-23

    A improper authentication vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in SecurityRealm.java, TokenBasedRememberMeServices2.java that allows attackers with a valid cookie to remain logged in even if that feature is disabled.

  • CVE-2018-1999044 | 2018-08-23

    A denial of service vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in CronTab.java that allows attackers with Overall/Read permission to have a request handling thread enter an infinite loop.

CVE Stats

  • Fixed in past 30 days: 26
  • Fixed in past 90 days: 144
  • Fixed in past 12 months: 839

SEARCH FOR PATCHES

Find and access all of
our patches at the
Knowledge Library

public release keys

Wind River protocol includes the use of PGP keys to sign our software. Use this public release key to sign content from your project:

Linux

Vulnerability Notices

Wind River® is committed to active threat monitoring, rapid assessment and prioritization, proactive customer notification, and timely fixes. Check out the remediation information on some of the latest security vulnerabilities.

REPORT A VULNERABILITY

If you have information about a security issue or vulnerability with a Wind River product or technology, please send an email to security-alert@windriver.com.

Please provide as much information as possible, including:

  • The products and versions affected
  • Detailed description of the vulnerability
  • Information on known exploits

A member of the Wind River security team will review your email and work with you in resolving the issue.

RELATED RESOURCES