Lucene search
+L
JenkinsMost viewed

1464 matches found

jenkins
jenkins
added 2023/11/29 12:0 a.m.8 views

CSRF vulnerabilities and missing permission checks in matlab allow XXE

matlab determines whether a user-specified directory on the Jenkins controller is the location of a MATLAB installation by parsing an XML file in that directory. matlab 2.11.0 and earlier does not perform permission checks in several HTTP endpoints implementing related form validation...

9.8CVSS8.3AI score0.00844EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/10/25 12:0 a.m.8 views

Non-constant time webhook token hash comparison in zanata

zanata 0.6 and earlier does not use a constant-time comparison when checking whether the provided and expected webhook token hashes are equal. This could potentially allow attackers to use statistical methods to obtain a valid webhook token. As of publication of this advisory, there is no fix...

5.3CVSS5.7AI score0.00462EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/10/25 12:0 a.m.8 views

Missing permission check in lambdatest-automation allows enumerating credentials IDs

lambdatest-automation 1.20.9 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to enumerate credentials IDs of LAMBDATEST credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using...

4.3CVSS5.1AI score0.00394EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/10/25 12:0 a.m.8 views

Exposure of token through logs in lambdatest-automation

lambdatest-automation 1.20.10 and earlier logs LAMBDATEST Credentials access token at the INFO level. This can result in accidental exposure of the token through the default system log. lambdatest-automation 1.21.0 no longer logs LAMBDATEST Credentials access token...

6.5CVSS5.2AI score0.00363EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/10/25 12:0 a.m.8 views

Non-constant time webhook token comparison in gogs-webhook

gogs-webhook 1.0.15 and earlier does not use a constant-time comparison when checking whether the provided and expected webhook token are equal. This could potentially allow attackers to use statistical methods to obtain a valid webhook token. As of publication of this advisory, there is no fix...

5.3CVSS5.1AI score0.00569EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/10/25 12:0 a.m.8 views

Arbitrary file read vulnerability in electricflow

electricflow temporarily copies files from an agent workspace to the controller in preparation for publishing them in the 'CloudBees CD - Publish Artifact' post-build step. electricflow 1.1.32 and earlier follows symbolic links to locations outside of the temporary directory on the controller whe...

6.5CVSS6.6AI score0.01159EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/10/18 12:0 a.m.8 views

HTTP/2 denial of service vulnerabilities in bundled Jetty

Jenkins bundles Winstone-Jetty, a wrapper around Jetty, to act as HTTP and servlet server when started using java -jar jenkins.war. This is how Jenkins is run when using any of the installers or packages, but not when run using servlet containers such as Tomcat. Jenkins 2.427 and earlier, LTS...

7.5CVSS7.1AI score0.99999EPSS
Exploits20Affected Software1
jenkins
jenkins
added 2023/09/20 12:0 a.m.8 views

Stored XSS vulnerability

ExpandableDetailsNote allows annotating build log content with additional information that can be revealed when interacted with. Jenkins 2.423 and earlier, LTS 2.414.1 and earlier does not escape the value of the caption constructor parameter of ExpandableDetailsNote. This results in a stored...

8CVSS5.9AI score0.00883EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/09/06 12:0 a.m.8 views

Incorrect permission checks in qualys-cs

qualys-cs 1.6.2.6 and earlier does not correctly perform a permission check in multiple HTTP endpoints. This allows attackers with global Item/Configure permission while lacking Item/Configure permission on any particular job to do the following: Enumerate credentials IDs of credentials stored in...

7.1CVSS5.1AI score0.00317EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/09/06 12:0 a.m.8 views

Stored XSS vulnerability in tap

tap 2.3 and earlier does not escape TAP file contents. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control TAP file contents. As of publication of this advisory, there is no fix. Learn why we announce this...

8CVSS5.3AI score0.00542EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/09/06 12:0 a.m.8 views

Missing permission check in aws-codecommit-trigger allows enumerating credentials IDs

aws-codecommit-trigger 3.0.12 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to enumerate credentials IDs of AWS credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another...

4.3CVSS5.1AI score0.00371EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/09/06 12:0 a.m.8 views

CSRF vulnerability and missing permission checks in frugal-testing

frugal-testing 1.1 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to do the following: Connect to Frugal Testing using attacker-specified username and password. Retrieve test IDs and names from Frugal Testing, if a vali...

5.4CVSS4.9AI score0.00371EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/09/06 12:0 a.m.8 views

Improper masking of credentials in pipeline-maven

pipeline-maven integrates with https://plugins.jenkins.io/config-file-provider/Config File Provider Plugin to specify custom Maven settings, including credentials for authentication. pipeline-maven 1330.v18e473854496 and earlier does not properly mask i.e., replace with asterisks usernames of...

5.3CVSS5.7AI score0.00544EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/09/06 12:0 a.m.8 views

CSRF vulnerability in ivy

ivy 2.5 and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to delete disabled modules. As of publication of this advisory, there is no fix. Learn why we announce this...

6.5CVSS6.3AI score0.00309EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/09/06 12:0 a.m.8 views

Path traversal allows exploiting XSS vulnerability in jobConfigHistory

jobConfigHistory 1227.v7a79fc4dc01f and earlier does not restrict a name query parameter when rendering a history entry. This allows attackers to have Jenkins render a manipulated configuration history that was not created by the plugin. The history view does not property sanitize or escape the...

8CVSS5AI score0.0076EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/09/06 12:0 a.m.8 views

Non-constant time token comparison in google-login

google-login 1.7 and earlier does not use a constant-time comparison when checking whether the provided and expected token are equal. This could potentially allow attackers to use statistical methods to obtain a valid token. google-login 1.8 uses a constant-time comparison when validating the tok...

7.5CVSS7.3AI score0.00676EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/08/16 12:0 a.m.8 views

CSRF vulnerability in cloudbees-folder

cloudbees-folder 6.846.v23698686f0f6 and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to copy a view inside a folder. cloudbees-folder 6.848.ve3bfd7839a81 requires POST requests for t...

4.3CVSS4.9AI score0.00331EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/08/16 12:0 a.m.8 views

CSRF vulnerability and missing permission checks in fortify allow capturing credentials

fortify 22.1.38 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

5.4CVSS5AI score0.00268EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/08/16 12:0 a.m.8 views

Unsafe default behavior and information disclosure in gogs-webhook webhook

gogs-webhook provides a webhook endpoint at /gogs-webhook that can be used to trigger builds of jobs. In gogs-webhook 1.0.15 and earlier, an option to specify a Gogs secret for this webhook is provided, but not enabled by default. This allows unauthenticated attackers to trigger builds of jobs...

6.5CVSS5.5AI score0.00577EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/08/16 12:0 a.m.8 views

Stored XSS vulnerability in flaky-test-handler

flaky-test-handler 1.2.2 and earlier does not escape JUnit test contents when showing them on the Jenkins UI. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control JUnit report file contents. flaky-test-handler 1.2.3 escapes JUnit test contents...

8CVSS5.3AI score0.00521EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/08/16 12:0 a.m.8 views

Exposure of system-scoped credentials in maven-artifact-choicelistprovider

maven-artifact-choicelistprovider 1.14 and earlier does not set the appropriate context for credentials lookup, allowing the use of System-scoped credentials otherwise reserved for the global configuration. This allows attackers with Item/Configure permission to access and capture credentials the...

6.5CVSS6.4AI score0.00557EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/07/26 12:0 a.m.8 views

Incorrect control flow in gradle breaks credentials masking in the build log

gradle 2.8 improperly invokes APIs available only on the controller from an agent when setting up build log annotations, causing an exception. As a result, credentials may not be masked i.e., replaced with asterisks in the build log in some circumstances. gradle 2.8.1 improves the control flow an...

6.5CVSS6.4AI score0.00637EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/06/14 12:0 a.m.8 views

CSRF protection bypass vulnerability

Jenkins provides context menus for various UI elements, like links to jobs and builds, or breadcrumbs. In Jenkins 2.399 and earlier, LTS 2.387.3 and earlier, POST requests are sent in order to load the list of context actions. If part of the URL includes insufficiently escaped user-provided value...

8CVSS7.5AI score0.0086EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/06/14 12:0 a.m.8 views

Missing permission check in dimensionsscm allows enumerating credentials IDs

dimensionsscm 0.9.3 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another vulnerability...

6.5CVSS5.5AI score0.00625EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/06/14 12:0 a.m.8 views

CSRF vulnerability and missing permission checks in ease-plugin

ease-plugin 2.6 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

6.5CVSS5.8AI score0.00658EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/05/16 12:0 a.m.8 views

Secrets stored and displayed in plain text by ansible

ansible allows the specification of extra variables that can be passed to Ansible. These extra variables are commonly used to pass secrets. ansible 204.v8191fd551ebf and earlier stores these extra variables unencrypted in job config.xml files on the Jenkins controller as part of its configuration...

5.3CVSS5.1AI score0.00379EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/05/16 12:0 a.m.8 views

CSRF vulnerability and missing permission checks in azure-vm-agents

azure-vm-agents 852.v8d35f0960a43 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to connect to an attacker-specified Azure Cloud server using attacker-specified credentials IDs obtained through another method...

8.8CVSS6.9AI score0.00578EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/05/16 12:0 a.m.8 views

Stored XSS vulnerability in testng-plugin

testng-plugin 730.v4c5283037693 and earlier does not escape several values that are parsed from TestNG report files and displayed on the plugin's test information pages. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide a crafted TestNG repor...

8CVSS5.3AI score0.00456EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/03/21 12:0 a.m.8 views

XXE vulnerability in vs-code-metrics

vs-code-metrics 1.7 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control VS Code Metrics File contents to have Jenkins parse a crafted XML document that uses external entities for extraction of secrets from the Jenkins...

8.2CVSS7.9AI score0.00569EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/03/21 12:0 a.m.8 views

XXE vulnerability in remote-jobs-view-plugin

remote-jobs-view-plugin 0.0.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows authenticated attackers with Overall/Read permission to have Jenkins parse a crafted XML document that uses external entities for extraction of secrets from the...

7.1CVSS6.5AI score0.00715EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/03/21 12:0 a.m.8 views

XXE vulnerability in crap4j

crap4j 0.9 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control Crap Report file contents to have Jenkins parse a crafted XML document that uses external entities for extraction of secrets from the Jenkins controller or...

7.5CVSS7.3AI score0.00766EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/03/21 12:0 a.m.8 views

Stored XSS vulnerability in jacoco

jacoco 3.3.2 and earlier does not escape class and method names shown on the UI. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control input files for the 'Record JaCoCo coverage report' post-build action. jacoco 3.3.2.1 escapes class and method...

8CVSS5.3AI score0.0056EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/03/21 12:0 a.m.8 views

Incorrect permission checks in role-strategy

Permissions in Jenkins can be enabled and disabled. Some permissions are disabled by default, e.g., Overall/Manage or Item/Extended Read. Disabled permissions cannot be granted directly, only through greater permissions that imply them e.g., Overall/Administer or Item/Configure. role-strategy...

9.8CVSS8.2AI score0.00828EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/03/08 12:0 a.m.8 views

XSS vulnerability in plugin manager

Jenkins 2.270 through 2.393 both inclusive, LTS 2.277.1 through 2.375.3 both inclusive does not escape the Jenkins version a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins in the plugin manager. This results in a stored cross-sit...

9.6CVSS7.1AI score0.0184EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/02/15 12:0 a.m.8 views

Script Security sandbox bypass vulnerability in email-ext

email-ext allows defining custom email templates using https://plugins.jenkins.io/config-file-provider/Config File Provider plugin as Jelly or Groovy files. When defined inside a https://plugins.jenkins.io/cloudbees-folder/folder, email templates need to be subject to Script Security protection...

9.9CVSS9AI score0.01095EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2023/01/24 12:0 a.m.8 views

Missing permission check in ghprb allows enumerating credentials IDs

ghprb 1.42.2 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another vulnerability. As of...

4.3CVSS5.1AI score0.00661EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2022/10/19 12:0 a.m.8 views

Agent-to-controller security bypass vulnerability in Katalon

Katalon 1.0.32 and earlier implements an agent/controller message that does not limit where it can be executed and allows invoking Katalon with configurable arguments. It allows attackers able to control agent processes to invoke Katalon on the Jenkins controller with attacker-controlled version,...

8.8CVSS8.3AI score0.01088EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2022/10/19 12:0 a.m.8 views

Agent-to-controller security bypass vulnerability in compuware-topaz-utilities

compuware-topaz-utilities 1.0.8 and earlier implements an agent/controller message that does not limit where it can be executed. It allows attackers able to control agent processes to obtain the values of Java system properties from the Jenkins controller process. NOTE: This vulnerability is only...

5.3CVSS5.9AI score0.00666EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2022/10/19 12:0 a.m.8 views

Agent-to-controller security bypass vulnerability in compuware-scm-downloader

compuware-scm-downloader 2.0.12 and earlier implements an agent/controller message that does not limit where it can be executed. It allows attackers able to control agent processes to obtain the values of Java system properties from the Jenkins controller process. NOTE: This vulnerability is only...

5.3CVSS5.9AI score0.00579EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2022/10/19 12:0 a.m.8 views

XXE vulnerability in compuware-topaz-for-total-test

compuware-topaz-for-total-test 2.4.8 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control the input files for the 'Topaz for Total Test - Execute Total Test scenarios' build step to have Jenkins parse a crafted XML documen...

7.5CVSS7.4AI score0.00712EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2022/09/21 12:0 a.m.8 views

XXE vulnerability in compuware-common-configuration

compuware-common-configuration 1.0.14 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to change the contents of the Topaz Workbench CLI home directory on agents to have Jenkins parse a crafted file that uses external entities fo...

9.8CVSS8.4AI score0.00787EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2022/09/21 12:0 a.m.8 views

Stored XSS vulnerability in DotCi

DotCi 2.40.00 and earlier does not escape the GitHub user name parameter provided to commit notifications when displaying them in a build cause. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to submit crafted commit notifications to the /githook/...

8.8CVSS5.3AI score0.00587EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2022/09/21 12:0 a.m.8 views

API token stored in plain text by CONS3RT

CONS3RT 1.0.0 and earlier stores Cons3rt API token unencrypted in job config.xml files on the Jenkins controller as part of its configuration. This API token can be viewed by users with access to the Jenkins controller file system. As of publication of this advisory, there is no fix. Learn why we...

6.5CVSS6.4AI score0.00676EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2022/09/21 12:0 a.m.8 views

Missing hostname validation in view26

view26 1.0.7 and earlier does not perform hostname validation when connecting to the configured View26 server. This lack of validation could be abused using a man-in-the-middle attack to intercept these connections. As of publication of this advisory, there is no fix. Learn why we announce this...

8.1CVSS7.6AI score0.00539EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2022/09/09 12:0 a.m.8 views

HTTP/2 denial of service vulnerability in bundled Jetty

Jenkins bundles Winstone-Jetty, a wrapper around Jetty, to act as HTTP and servlet server when started using java -jar jenkins.war. This is how Jenkins is run when using any of the installers or packages, but not when run using servlet containers such as Tomcat. Jenkins LTS 2.346.3 and earlier,...

7.5CVSS6.5AI score0.0227EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2022/08/23 12:0 a.m.8 views

Stored XSS vulnerability in jobConfigHistory

jobConfigHistory 1165.v8cc9fd1f4597 and earlier does not escape the job name on the System Configuration History page. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure job names. jobConfigHistory 1166.vc9f255f45b8a escapes the job name on...

8CVSS5.4AI score0.0059EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2022/07/27 12:0 a.m.8 views

CSRF vulnerability in jobConfigHistory

jobConfigHistory 1155.v28a46acc06a5 and earlier does not require POST requests for several HTTP endpoints, resulting in cross-site request forgery CSRF vulnerabilities. These vulnerabilities allow attackers to delete entries from job, agent, and system configuration history, or restore older...

4.3CVSS5AI score0.00362EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2022/07/27 12:0 a.m.8 views

Missing permission checks in compuware-ispw-operations

compuware-ispw-operations 1.0.8 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to enumerate hosts and ports of Compuware configurations and credentials IDs of credentials stored in Jenkins. Those credentials IDs can be...

4.3CVSS5AI score0.00581EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2022/07/27 12:0 a.m.8 views

Missing permission check in deployer-framework allows reading deployment logs

deployer-framework 85.v1d1888e8c021 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Item/Read permission to read deployment logs. deployer-framework 86.v7ba4a55bf3ec requires Deploy Now/Deploy permission to read deployment logs...

4.3CVSS5AI score0.00486EPSS
Exploits0Affected Software1
jenkins
jenkins
added 2022/07/27 12:0 a.m.8 views

Missing permission checks in compuware-xpediter-code-coverage

compuware-xpediter-code-coverage 1.0.7 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to enumerate hosts and ports of Compuware configurations and credentials IDs of credentials stored in Jenkins. Those credentials IDs...

4.3CVSS5AI score0.00569EPSS
Exploits0Affected Software1
Total number of security vulnerabilities1464