Runner Security Vulnerabilities


CVE-2022-2251

Improper sanitization of branch names in GitLab Runner affecting all versions prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a user who creates a branch with a specially crafted name and gets another user to trigger a pipeline to execute commands in the runner as that other....

CVSS 8 | AI Score 7.5 | EPSS 0.004

2023-01-17 09:15 PM
76

CVE-2022-39321

GitHub Actions Runner is the application that runs a job from a GitHub Actions workflow. The actions runner invokes the docker cli directly in order to run job containers, service containers, or container actions. A bug in the logic for how the environment is encoded into these docker commands was....

CVSS 9.9 | AI Score 9.7 | EPSS 0.001

2022-10-25 05:15 PM
36
6

CVE-2018-1000146

An arbitrary code execution vulnerability exists in Liquibase Runner Plugin version 1.3.0 and older that allows an attacker with permission to configure jobs to load and execute arbitrary code on the Jenkins master...

CVSS 8.8 | AI Score 8.9 | EPSS 0.001

2022-10-03 04:21 PM
22

CVE-2021-4041

A flaw was found in ansible-runner. An improper escaping of the shell command, while calling the ansible_runner.interface.run_command, can lead to parameters getting executed as host's shell command. A developer could unintentionally write code that gets executed in the host rather than the...

CVSS 7.8 | AI Score 7.3 | EPSS 0.001

2022-08-24 04:15 PM
47
2

CVE-2021-3701

A flaw was found in ansible-runner where the default temporary files configuration in ansible-2.0.0 is written to world R/W locations. This flaw allows an attacker to pre-create the directory, resulting in reading private information or forcing ansible-runner to write files as the legitimate user....

CVSS 6.6 | AI Score 6.1 | EPSS 0.0004

2022-08-23 04:15 PM
52
3

CVE-2021-3702

A race condition flaw was found in ansible-runner, where an attacker could watch for rapid creation and deletion of a temporary directory, substitute their directory at that name, and then have access to ansible-runner's private_data_dir the next time ansible-runner made use of the...

CVSS 6.3 | AI Score 6 | EPSS 0.0005

2022-08-23 04:15 PM
47
4

CVE-2021-39947

In specific circumstances, trace file buffers in GitLab Runner versions up to 14.3.4, 14.4 to 14.4.2, and 14.5 to 14.5.2 would re-use the file descriptor 0 for multiple traces and mix the output of several...

CVSS 7.5 | AI Score 7.2 | EPSS 0.001

2022-06-06 05:15 PM
31
2

CVE-2022-0437

Cross-site Scripting (XSS) - DOM in NPM karma prior to...

CVSS 6.1 | AI Score 5.8 | EPSS 0.001

2022-02-05 02:15 AM
30

CVE-2021-39939

An uncontrolled resource consumption vulnerability in GitLab Runner affecting all versions starting from 13.7 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allows an attacker triggering a job with a specially crafted docker image to...

CVSS 6.5 | AI Score 6 | EPSS 0.001

2021-12-13 04:15 PM
23

CVE-2021-3139

In Open-iSCSI tcmu-runner 1.3.x, 1.4.x, and 1.5.x through 1.5.2, xcopy_locate_udev in tcmur_cmd_handler.c lacks a check for transport-layer restrictions, allowing remote attackers to read or write files via directory traversal in an XCOPY request. For example, an attack can occur over a network if....

CVSS 8.1 | AI Score 8.2 | EPSS 0.004

2021-01-13 04:15 PM
129
3

CVE-2020-2312

Jenkins SQLPlus Script Runner Plugin 2.0.12 and earlier does not mask a password provided as command line argument in build...

CVSS 6.5 | AI Score 6.6 | EPSS 0.001

2020-11-04 03:15 PM
32

CVE-2020-13327

An issue has been discovered in GitLab Runner affecting all versions starting from 13.4.0 before 13.4.2, all versions starting from 13.3.0 before 13.3.7, all versions starting from 13.2.0 before 13.2.10. Insecure Runner Configuration in Kubernetes...

CVSS 7.5 | AI Score 7.2 | EPSS 0.001

2020-10-22 09:15 PM
25

CVE-2020-13347

A command injection vulnerability was discovered in GitLab Runner versions prior to 13.2.4, 13.3.2 and 13.4.1. When the runner is configured on a Windows system with a docker executor, this allows the attacker to run arbitrary commands on the Windows host via DOCKER_AUTH_CONFIG build...

CVSS 9.1 | AI Score 9.4 | EPSS 0.007

2020-10-07 02:15 PM
26

CVE-2020-2285

A missing permission check in Jenkins Liquibase Runner Plugin 1.4.7 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in...

CVSS 4.3 | AI Score 4.4 | EPSS 0.001

2020-09-23 02:15 PM
37

CVE-2020-2283

Jenkins Liquibase Runner Plugin 1.4.5 and earlier does not escape changeset contents, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by users able to control changeset files evaluated by the...

CVSS 5.4 | AI Score 5.2 | EPSS 0.001

2020-09-23 02:15 PM
44

CVE-2020-2284

Jenkins Liquibase Runner Plugin 1.4.5 and earlier does not configure its XML parser to prevent XML external entity (XXE)...

CVSS 7.1 | AI Score 6.8 | EPSS 0.001

2020-09-23 02:15 PM
37

CVE-2020-13295

For GitLab Runner before 13.0.12, 13.1.6, 13.2.3, by replacing dockerd with a malicious server, the Shared Runner is susceptible to...

CVSS 8.8 | AI Score 8.4 | EPSS 0.002

2020-08-10 02:15 PM
29

CVE-2020-2176

Multiple form validation endpoints in Jenkins useMango Runner Plugin 1.4 and earlier do not escape values received from the useMango service, resulting in a cross-site scripting (XSS) vulnerability exploitable by users able to control the values returned from the useMango...

CVSS 5.4 | AI Score 5.3 | EPSS 0.001

2020-04-07 01:15 PM
39

CVE-2019-10380

Jenkins Simple Travis Pipeline Runner Plugin 1.0 and earlier specifies unsafe values in its custom Script Security whitelist, allowing attackers able to execute Script Security protected scripts to execute arbitrary...

CVSS 8.8 | AI Score 8.9 | EPSS 0.001

2019-08-07 03:15 PM
31

CVE-2019-13097

The application API of Cat Runner Decorate Home version 2.8.0 for Android does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable. Attackers can manipulate users' score parameters exchanged between client and...

CVSS 7.5 | AI Score 7.4 | EPSS 0.001

2019-07-22 05:15 PM
104

CVE-2017-1000201

The tcmu-runner daemon in tcmu-runner version 1.0.5 to 1.2.0 is vulnerable to a local denial of service...

CVSS 5.5 | AI Score 5.5 | EPSS 0.0004

2017-11-17 02:29 AM
26

CVE-2017-1000198

tcmu-runner daemon version 0.9.0 to 1.2.0 is vulnerable to invalid memory references in the handler_glfs.so handler resulting in denial of...

CVSS 7.5 | AI Score 7.3 | EPSS 0.001

2017-11-17 02:29 AM
26

CVE-2017-1000200

tcmu-runner version 1.0.5 to 1.2.0 is vulnerable to a dbus triggered NULL pointer dereference in the tcmu-runner daemon's on_unregister_handler() function resulting in denial of...

CVSS 7.5 | AI Score 7.2 | EPSS 0.001

2017-11-17 02:29 AM
25

CVE-2017-1000199

tcmu-runner version 0.91 up to 1.20 is vulnerable to information disclosure in handler_qcow.so resulting in non-privileged users being able to check for existence of any file with root...

CVSS 7.5 | AI Score 7.2 | EPSS 0.002

2017-11-17 02:29 AM
25

CVE-2014-5608

The Line Runner (Free) (aka com.djinnworks.linerunnerfree) application 4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted...

AI Score 6 | EPSS 0.0005

2014-09-09 01:55 AM
14

CVE-2005-2862

ADSL Road Runner modem in the Annex A family has a service running on port 224, which allows remote attackers to login to the modem with a blank password and gain unauthorized...

AI Score 7.4 | EPSS 0.008

2005-09-08 11:03 PM
21

CVE-2001-0397

Buffer overflow in Silent Runner Collector (SRC) 1.6.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long SMTP HELO...

AI Score 8.1 | EPSS 0.005

2001-06-18 04:00 AM
27