Lucene search
K
JenkinsMost viewed

1464 matches found

Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/01/12 12:0 a.m.•8 views

Path traversal vulnerability in Publish Over SSH

Publish Over SSH 1.22 and earlier performs a validation of the file name specifying whether it is present or not. This results in a path traversal vulnerability allowing attackers with Item/Configure permission to discover the name of the Jenkins controller files. As of publication of this...

4.3CVSS5AI score0.01504EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/10/06 12:0 a.m.•8 views

Improper handling of equivalent directory names on Windows

Jenkins stores jobs and other entities on disk using their name shown on the UI as file and folder names. On Windows, when specifying a file or folder with a trailing dot character example., the file or folder will be treated as if that character was not present example. As both are legal names f...

6.3CVSS5AI score0.00967EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/10/06 12:0 a.m.•8 views

Path traversal vulnerability on Windows

The file browser for workspaces, archived artifacts, and userContent/ in Jenkins 2.314 and earlier, LTS 2.303.1 and earlier may interpret some paths to files as absolute on Windows. This results in a path traversal vulnerability allowing attackers with Overall/Read permission Windows controller o...

6.5CVSS6.5AI score0.02103EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/08/31 12:0 a.m.•8 views

saml allows bypassing CSRF protection for any URL

An extension point in Jenkins allows selectively disabling cross-site request forgery CSRF protection for specific URLs. saml implements this extension point for the URL that users are redirected to after login. In saml 2.0.7 and earlier this implementation is too permissive, allowing attackers t...

8.8CVSS7.8AI score0.0081EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/06/30 12:0 a.m.•8 views

Improper permission checks allow canceling queue items and aborting builds

Jenkins 2.299 and earlier, LTS 2.289.1 and earlier allows users to cancel queue items and abort builds of jobs for which they have Item/Cancel permission even when they do not have Item/Read permission. Jenkins 2.300, LTS 2.289.2 requires that users have Item/Read permission for applicable types ...

4.3CVSS5AI score0.01982EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/06/10 12:0 a.m.•8 views

Missing permission checks allow enumerating credentials IDs in kubernetes-cli

kubernetes-cli 1.10.0 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another...

4.3CVSS5.1AI score0.0164EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/05/11 12:0 a.m.•8 views

Missing permission checks in s3 allow obtaining metadata about artifacts

s3 0.11.6 and earlier does not perform Run/Artifacts permission checks in various HTTP endpoints and API models. This allows attackers with Item/Read permission to obtain information about artifacts uploaded to S3, if the optional Run/Artifacts permission is enabled. s3 0.11.7 requires...

4.3CVSS5.1AI score0.00712EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/05/11 12:0 a.m.•8 views

Missing permission check in xray-connector allows enumerating credentials IDs

xray-connector 2.4.0 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another vulnerability...

4.3CVSS5.1AI score0.00865EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/05/11 12:0 a.m.•8 views

CSRF vulnerability in xray-connector allows capturing credentials

xray-connector 2.4.0 and earlier does not require POST requests for a connection test method, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another...

7.1CVSS7AI score0.00642EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/04/21 12:0 a.m.•8 views

XXE vulnerability in config-file-provider

config-file-provider 3.7.0 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers with the ability to define Maven configuration files to have Jenkins parse a crafted configuration file that uses external entities for extraction of secrets...

8.1CVSS7.8AI score0.3783EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/04/21 12:0 a.m.•8 views

Missing permission checks in config-file-provider allow enumerating configuration file IDs

config-file-provider 3.7.0 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to enumerate configuration file IDs. An enumeration of configuration file IDs in config-file-provider 3.7.1 requires the appropriate permissions...

4.3CVSS5.5AI score0.00887EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/04/07 12:0 a.m.•8 views

Lack of type validation in agent related REST API

Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not validate the type of object created after loading the data submitted to the config.xml REST API endpoint of a node. This allows attackers with Computer/Configure permission to replace a node with one of a different type. Jenkins 2.287, L...

4.3CVSS5AI score0.02725EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/04/07 12:0 a.m.•8 views

View name validation bypass

Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not properly check that a newly created view has an allowed name. When a form to create a view is submitted, the name is included twice in the submission. One instance is validated, but the other instance is used to create the value. This...

4.3CVSS5AI score0.01905EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/03/18 12:0 a.m.•8 views

Missing permission checks in aws-credentials allows enumerating credentials IDs

aws-credentials 1.28 and earlier does not perform a permission check in a helper method for HTTP endpoints. This allows attackers with Overall/Read permission to enumerate credentials IDs of AWS credentials stored in Jenkins if any of the following plugins are installed: Amazon Elastic Container...

4.3CVSS5.1AI score0.00722EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/01/13 12:0 a.m.•8 views

Path traversal vulnerability in agent names

Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows users with Agent/Configure permission to choose agent names that cause Jenkins to override unrelated config.xml files. If the global config.xml file is replaced, Jenkins will start up with unsafe legacy defaults after a restart. Jenkins...

8CVSS7.5AI score0.02219EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/01/13 12:0 a.m.•8 views

Reflected XSS vulnerability in markup formatter preview

Jenkins allows administrators to choose the markup formatter to use for descriptions of jobs, builds, views, etc. displayed in Jenkins. When editing such a description, users can choose to have Jenkins render a formatted preview of the description they entered. Jenkins 2.274 and earlier, LTS...

7.5CVSS6.2AI score0.01185EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/01/13 12:0 a.m.•8 views

Arbitrary file read vulnerability in workspace browsers

The file browser for workspaces, archived artifacts, and $JENKINSHOME/userContent/ follows symbolic links to locations outside the directory being browsed in Jenkins 2.274 and earlier, LTS 2.263.1 and earlier. This allows attackers with Job/Workspace permission and the ability to control workspac...

6.5CVSS5.5AI score0.02226EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/11/04 12:0 a.m.•8 views

Password written to the build log by sqlplus-script-runner

sqlplus-script-runner 2.0.12 and earlier prints the sqlplus command invocation to the build log. This log message does not redact a password provided as part of a command line argument. This password can be viewed by users with Item/Read permission. sqlplus-script-runner 2.0.13 no longer prints t...

6.5CVSS6.5AI score0.00977EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/11/04 12:0 a.m.•8 views

Stored XSS vulnerability in Static Analysis Utilities

Static Analysis Utilities 1.96 and earlier does not escape the annotation message in tooltips. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission. As of publication of this advisory, there is no fix...

8CVSS5.3AI score0.00711EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/11/04 12:0 a.m.•8 views

Login allowed with empty password by active-directory

active-directory implements two separate modes: Integration with ADSI on Windows, and an OS agnostic LDAP-based mode. The Windows/ADSI mode does not specifically prohibit use of empty passwords in active-directory 2.19 and earlier. If the Active Directory server allows the unauthenticated bind...

9.8CVSS8.4AI score0.01652EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/11/04 12:0 a.m.•8 views

Missing permission check in active-directory allows accessing domain health check page

active-directory 2.19 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to access the domain health check diagnostic page. active-directory 2.20 requires Overall/Administer permission to access the domain health check diagnosti...

4.3CVSS5.1AI score0.00668EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/11/04 12:0 a.m.•8 views

CSRF vulnerability in active-directory

active-directory 2.19 and earlier does not require POST requests for multiple HTTP endpoints implementing connection and authentication tests, resulting in cross-site request forgery CSRF vulnerabilities. This vulnerability allows attackers to perform connection tests, connecting to...

4.3CVSS5AI score0.00671EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/11/04 12:0 a.m.•8 views

Missing permission checks in ansible allow enumerating credentials IDs

ansible 1.0 and earlier does not perform permission checks in methods implementing form validation. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another...

4.3CVSS5.1AI score0.00792EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/10/08 12:0 a.m.•8 views

Request logging could be bypassed in audit-trail

audit-trail logs requests whose URL path matches an admin-configured regular expression. A discrepancy between the behavior of the plugin and the Stapler web framework in parsing URL paths allows attackers to craft URLs that would bypass request logging in audit-trail 3.6 and earlier. This only...

5.3CVSS5.7AI score0.01169EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/10/08 12:0 a.m.•8 views

CSRF vulnerability in shared-objects

shared-objects 0.44 and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to configure shared objects. As of publication of this advisory, there is no fix...

4.3CVSS5AI score0.0076EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/23 12:0 a.m.•8 views

Sandbox bypass vulnerability in script-security

script-security provides a sandbox feature that allows low privileged users to define scripts, including Pipelines, that are generally safe to execute. Calls to code defined inside a sandboxed script are intercepted, and various allowlists are checked to determine whether the call is to be allowe...

9.9CVSS8.7AI score0.02126EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/23 12:0 a.m.•8 views

Stored XSS vulnerability in liquibase-runner

liquibase-runner 1.4.5 and earlier does not escape changeset contents when showing them on the build page. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide Liquibase changesets evaluated by the plugin. liquibase-runner 1.4.7 no longer suppor...

8CVSS5.4AI score0.00735EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/16 12:0 a.m.•8 views

Passwords stored in plain text by elastest

elastest 1.2.1 and earlier stores its server password in plain text in the global configuration file jenkins.plugins.elastest.ElasTestInstallation.xml. This password can be viewed by users with access to the Jenkins controller file system. As of publication of this advisory, there is no fix...

5.5CVSS5.7AI score0.00259EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/16 12:0 a.m.•8 views

Missing permission check in perfecto

perfecto 1.17 and earlier does not perform a permission check in a method implementing a connection test. This allows attackers with Overall/Read permission to connect to an attacker-specified HTTP URL using attacker-specified username and password. perfecto 1.18 requires Overall/Administer...

4.3CVSS5.1AI score0.00656EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/16 12:0 a.m.•8 views

Stored XSS vulnerability in android-lint

android-lint 2.6 and earlier does not escape the annotation message in tooltips. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide report files to the 'Publish Android Lint results' post-build step. As of publication of this advisory, there i...

8CVSS5.3AI score0.00735EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/16 12:0 a.m.•8 views

CSRF vulnerability and missing permission checks in mongodb

mongodb 1.3 and earlier does not perform permission checks in methods implementing form validation. This allows attackers with Overall/Read permission to gain access to some metadata of any arbitrary files on the Jenkins controller. Additionally, these form validation methods do not require POST...

8.8CVSS6.4AI score0.00691EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/16 12:0 a.m.•8 views

Stored XSS vulnerability in chosen-views-tabbar

chosen-views-tabbar 1.2 and earlier does not escape view names in the dropdown to select views. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with the ability to configure views. As of publication of this advisory, there is no fix...

8CVSS5.4AI score0.00735EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/16 12:0 a.m.•8 views

CSRF vulnerability and missing permission checks in elastest

elastest 1.2.1 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials. Additionally, this form validation method does not require POST...

4.3CVSS4.9AI score0.00679EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/16 12:0 a.m.•8 views

Path traversal vulnerability in blueocean

blueocean 1.23.2 and earlier provides an undocumented feature flag, blueocean.features.GITREADSAVETYPE, that when set to the value clone allows an attacker with Item/Configure or Item/Create permission to read arbitrary files on the Jenkins controller file system. blueocean 1.23.3 no longer...

6.5CVSS6.5AI score0.02126EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/01 12:0 a.m.•8 views

Secret stored in plain text by Parameterized-Remote-Trigger

Parameterized-Remote-Trigger 3.1.3 and earlier stores a secret unencrypted in its global configuration file org.jenkinsci.plugins.ParameterizedRemoteTrigger.RemoteBuildConfiguration.xml on the Jenkins controller as part of its configuration. This secret can be viewed by attackers with access to t...

4.3CVSS5.1AI score0.00524EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/01 12:0 a.m.•8 views

Credentials stored in plain text by tfs

tfs 5.157.1 and earlier stores a webhook secret unencrypted in its global configuration file hudson.plugins.tfs.TeamPluginGlobalConfig.xml on the Jenkins controller as part of its configuration. This secret can be viewed by attackers with access to the Jenkins controller file system. As of...

3.3CVSS4.8AI score0.00257EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/01 12:0 a.m.•8 views

CSRF vulnerability in database

database 1.6 and earlier does not require POST requests for the database console, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to execute arbitrary SQL scripts. database 1.7 removes the database console...

8.8CVSS8.5AI score0.00691EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/08/12 12:0 a.m.•8 views

CSRF vulnerability in flaky-test-handler

flaky-test-handler 1.0.4 and earlier does not require POST requests for the "Deflake this build" feature, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to rebuild a project at a previous git revision where the tests were failing. As of publicati...

4.3CVSS4.9AI score0.00679EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/08/12 12:0 a.m.•8 views

SMTP password transmitted and displayed in plain text by email-ext

email-ext stores an SMTP password in its global configuration file hudson.plugins.emailext.ExtendedEmailPublisher.xml on the Jenkins controller as part of its configuration. While this password is stored encrypted on disk, it is transmitted and displayed in plain text as part of the configuration...

7.5CVSS7.3AI score0.00755EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/08/12 12:0 a.m.•8 views

Stored XSS vulnerability in yet-another-build-visualizer

yet-another-build-visualizer 1.11 and earlier does not escape tooltip content. This results in a stored cross-site scripting XSS vulnerability exploitable by users with Run/Update permission. yet-another-build-visualizer 1.12 escapes tooltip content...

8CVSS6.3AI score0.00735EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/07/15 12:0 a.m.•8 views

Stored XSS vulnerability in job build time trend

Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape the agent name on build time trend pages. This results in a stored cross-site scripting XSS vulnerability exploitable by users with Agent/Configure permission. Jenkins 2.245, LTS 2.235.2 escapes the agent name...

8CVSS5.3AI score0.01023EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/07/15 12:0 a.m.•8 views

Stored XSS vulnerability in single axis builds tooltips in matrix-project

matrix-project 1.16 and earlier does not escape node names shown in tooltips on the overview page of builds with a single axis. This results in a stored cross-site scripting XSS vulnerability exploitable by users with Agent/Configure permission. matrix-project 1.17 escapes the node names shown in...

8CVSS5.8AI score0.00919EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/07/02 12:0 a.m.•8 views

Stored XSS vulnerability in sonargraph-integration

sonargraph-integration 3.0.0 and earlier does not escape the file path for the Log file field form validation. This results in a stored cross-site scripting XSS vulnerability that can be exploited by users with Job/Configure permission. sonargraph-integration 3.0.1 escapes the affected part of th...

5.4CVSS5.3AI score0.00735EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/07/02 12:0 a.m.•8 views

Secret stored in plain text by slack-uploader

slack-uploader 1.7 and earlier stores a secret unencrypted in job config.xml files as part of its configuration. This secret can be viewed by users with Extended Read permission or access to the Jenkins controller file system. As of publication of this advisory, there is no fix...

4.3CVSS5.1AI score0.00691EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/07/02 12:0 a.m.•8 views

Password stored in plain text by TestComplete

TestComplete 2.4.1 and earlier stores a password unencrypted in job config.xml files as part of its configuration. This password can be viewed by users with Extended Read permission or access to the Jenkins controller file system. As of publication of this advisory, there is no fix...

4.3CVSS5.1AI score0.00691EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/07/02 12:0 a.m.•8 views

Passwords transmitted in plain text by StashBranchParameter

StashBranchParameter stores Stash API passwords in its global configuration file org.jenkinsci.plugins.StashBranchParameter.StashBranchParameterDefinition.xml on the Jenkins controller as part of its configuration. While the password is stored encrypted on disk, it is transmitted in plain text as...

4.3CVSS4.8AI score0.00657EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/06/03 12:0 a.m.•8 views

Stored XSS vulnerability in script-security

script-security 1.72 and earlier does not correctly escape pending or approved classpath entries on the In-process Script Approval page. This results in a stored cross-site scripting XSS vulnerability exploitable by users able to configure sandboxed scripts. script-security 1.73 escapes pending a...

5.4CVSS5.3AI score0.0076EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/06/03 12:0 a.m.•8 views

Missing permission check in project-inheritance

Jenkins limits access to job configuration XML data config.xml to users with Job/ExtendedRead permission, typically implied by Job/Configure permission. project-inheritance has several job inspection features, including the API URL /job/.../getConfigAsXML for its Inheritance Project job type that...

6.5CVSS5.5AI score0.00798EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/06/03 12:0 a.m.•8 views

OS command injection vulnerability in Play Framework

A form validation endpoint in Play Framework executes the play command to validate a given input file. Play Framework 1.0.2 and earlier lets users specify the path to the play command on the Jenkins controller. This results in an OS command injection vulnerability exploitable by users able to sto...

8.8CVSS8AI score0.02422EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/06/03 12:0 a.m.•8 views

XSS vulnerability in svn-partial-release-mgr

svn-partial-release-mgr 1.0.1 and earlier does not escape the error message for the repository URL field form validation. This results in a reflected cross-site scripting XSS vulnerability that can also be exploited similar to a stored cross-site scripting vulnerability by users with Job/Configur...

6.1CVSS5.8AI score0.06189EPSS
Exploits0Affected Software1
Total number of security vulnerabilities1464