Sandbox Bypass via CSRF in Jenkins Warnings Plugin

A cross-site request forgery vulnerability exists in Jenkins Warnings Plugin 5.0.0 and earlier in src/main/java/hudson/plugins/warnings/GroovyParser.java that allows attackers to execute arbitrary code via a form validation HTTP endpoint...

GHSA-XFWJ-2F34-32F5 Jenkins Groovy Plugin sandbox bypass vulnerability

A sandbox bypass vulnerability exists in Jenkins Groovy Plugin 2.0 and earlier in src/main/java/hudson/plugins/groovy/StringScriptSource.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkin...

Jenkins Groovy Plugin sandbox bypass vulnerability

A sandbox bypass vulnerability exists in Jenkins Groovy Plugin 2.0 and earlier in src/main/java/hudson/plugins/groovy/StringScriptSource.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkin...

Sandbox Bypass in Script Security Plugin

A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.50 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result i...

CockroachDB < 2.1.10 / 19.1.x < 19.1.16 / 19.2.x < 19.2.2 Broken Access Control Vulnerability (A42567)

The version of CockroachDB installed on the remote host has a privileged HTTP endpoint which is incorrectly available to non-admin users. An unauthenticated, remote attacker can exploit this issue by sending a specially crafted HTTP request to obtain & modify sensitive information from the remote...

GHSA-372F-JC47-7GR5 Missing permission check in Jenkins Conjur Secrets Plugin allows enumerating credentials IDs

Conjur Secrets Plugin 1.0.11 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another...

Missing permission check in Jenkins Conjur Secrets Plugin allows enumerating credentials IDs

Conjur Secrets Plugin 1.0.11 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another...

CVE-2021-43848

h2o is an open source http server. In code prior to the 8c0eca3 commit h2o may attempt to access uninitialized memory. When receiving QUIC frames in certain order, HTTP/3 server-side implementation of h2o can be misguided to treat uninitialized memory as HTTP/3 frames that have been received. Whe...

Design/Logic Flaw

h2o is an open source http server. In code prior to the 8c0eca3 commit h2o may attempt to access uninitialized memory. When receiving QUIC frames in certain order, HTTP/3 server-side implementation of h2o can be misguided to treat uninitialized memory as HTTP/3 frames that have been received. Whe...

CVE-2022-20619

A Cross-site request forgery CSRF vulnerability was found in the Jenkins Bitbucket Branch Source plugin. In the HTTP endpoint, the POST requests are not required. This flaw allows an attacker with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs...

CVE-2022-20612

A Cross-site request forgery CSRF vulnerability was found in Jenkins. The POST requests are not required for the HTTP endpoint handling manual build requests when no security realm is set. This flaw allows an attacker to trigger the building of a job without parameters...

Cross-Site Request Forgery in Jenkins

Jenkins 2.329 and earlier, LTS 2.319.1 and earlier does not require POST requests for the HTTP endpoint handling manual build requests when no security realm is set, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to trigger build of job without...

GHSA-W4JV-6RG4-PR4M Cross-Site Request Forgery in Jenkins Bitbucket Branch Source Plugin

Jenkins Bitbucket Branch Source Plugin prior to 746.v350d2781c184, 725.vd9f8be0fa250, 2.9.11.2, and 2.9.7.2 does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery CSRF vulnerability. This allows attackers with Overall/Read access to connect to an...

PT-2022-14821 · Jenkins · Jenkins

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.329 and earlier Jenkins LTS versions 2.319.1 and earlier Description: A cross-site request forgery CSRF vulnerability allows attackers to trigger a build of a job without parameters when no security realm is set. This issue...

CVE-2021-42250

Improper output neutralization for Logs. A specific Apache Superset HTTP endpoint allowed for an authenticated user to forge log entries or inject malicious content into logs...

Input validation

Improper output neutralization for Logs. A specific Apache Superset HTTP endpoint allowed for an authenticated user to forge log entries or inject malicious content into logs...

CVE-2021-41034

The build of some language stacks of Eclipse Che version 6 includes pulling some binaries from an unsecured HTTP endpoint. As a consequence the builds of such stacks are vulnerable to MITM attacks that allow the replacement of the original binaries with arbitrary ones. The stacks involved are Jav...

CVE-2021-41034

The build of some language stacks of Eclipse Che version 6 includes pulling some binaries from an unsecured HTTP endpoint. As a consequence the builds of such stacks are vulnerable to MITM attacks that allow the replacement of the original binaries with arbitrary ones. The stacks involved are Jav...

Design/Logic Flaw

The build of some language stacks of Eclipse Che version 6 includes pulling some binaries from an unsecured HTTP endpoint. As a consequence the builds of such stacks are vulnerable to MITM attacks that allow the replacement of the original binaries with arbitrary ones. The stacks involved are Jav...

CVE-2021-41034

The build of some language stacks of Eclipse Che version 6 includes pulling some binaries from an unsecured HTTP endpoint. As a consequence the builds of such stacks are vulnerable to MITM attacks that allow the replacement of the original binaries with arbitrary ones. The stacks involved are Jav...