Lucene search
+L
JenkinsMost viewed

1464 matches found

Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/08/16 12:0 a.m.•8 views

Exposure of system-scoped credentials in maven-artifact-choicelistprovider

maven-artifact-choicelistprovider 1.14 and earlier does not set the appropriate context for credentials lookup, allowing the use of System-scoped credentials otherwise reserved for the global configuration. This allows attackers with Item/Configure permission to access and capture credentials the...

6.5CVSS6.4AI score0.00557EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/07/26 12:0 a.m.•8 views

Incorrect control flow in gradle breaks credentials masking in the build log

gradle 2.8 improperly invokes APIs available only on the controller from an agent when setting up build log annotations, causing an exception. As a result, credentials may not be masked i.e., replaced with asterisks in the build log in some circumstances. gradle 2.8.1 improves the control flow an...

6.5CVSS6.4AI score0.00637EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/07/12 12:0 a.m.•8 views

Missing permission check in miniorange-saml-sp

miniorange-saml-sp 2.3.0 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to download a string representation of the current security realm Java ObjecttoString, which potentially includes sensitive information...

4.3CVSS5.1AI score0.00448EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/07/12 12:0 a.m.•8 views

Password transmitted in plain text by active-directory

active-directory allows testing a new, unsaved configuration by performing a connection test the button labeled "Test Domain". active-directory 2.30 and earlier ignores the "Require TLS" and "StartTls" options and always performs the connection test to Active directory unencrypted. This allows...

5.9CVSS5.9AI score0.00459EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/07/12 12:0 a.m.•8 views

CSRF vulnerability and missing permission checks in elasticbox allow capturing credentials

elasticbox 5.0.1 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.8CVSS7.2AI score0.00745EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/06/14 12:0 a.m.•8 views

CSRF protection bypass vulnerability

Jenkins provides context menus for various UI elements, like links to jobs and builds, or breadcrumbs. In Jenkins 2.399 and earlier, LTS 2.387.3 and earlier, POST requests are sent in order to load the list of context actions. If part of the URL includes insufficiently escaped user-provided value...

8CVSS7.5AI score0.0086EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/06/14 12:0 a.m.•8 views

Missing permission check in dimensionsscm allows enumerating credentials IDs

dimensionsscm 0.9.3 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another vulnerability...

6.5CVSS5.5AI score0.00625EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/06/14 12:0 a.m.•8 views

CSRF vulnerability and missing permission checks in ease-plugin

ease-plugin 2.6 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

6.5CVSS5.8AI score0.00658EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•8 views

Secrets stored and displayed in plain text by ansible

ansible allows the specification of extra variables that can be passed to Ansible. These extra variables are commonly used to pass secrets. ansible 204.v8191fd551ebf and earlier stores these extra variables unencrypted in job config.xml files on the Jenkins controller as part of its configuration...

5.3CVSS5.1AI score0.00379EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•8 views

Stored XSS vulnerability in testng-plugin

testng-plugin 730.v4c5283037693 and earlier does not escape several values that are parsed from TestNG report files and displayed on the plugin's test information pages. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide a crafted TestNG repor...

8CVSS5.3AI score0.00456EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•8 views

CSRF vulnerability and missing permission checks in azure-vm-agents

azure-vm-agents 852.v8d35f0960a43 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to connect to an attacker-specified Azure Cloud server using attacker-specified credentials IDs obtained through another method...

8.8CVSS6.9AI score0.00578EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/03/21 12:0 a.m.•8 views

XXE vulnerability in crap4j

crap4j 0.9 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control Crap Report file contents to have Jenkins parse a crafted XML document that uses external entities for extraction of secrets from the Jenkins controller or...

7.5CVSS7.3AI score0.00766EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/03/21 12:0 a.m.•8 views

XXE vulnerability in vs-code-metrics

vs-code-metrics 1.7 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control VS Code Metrics File contents to have Jenkins parse a crafted XML document that uses external entities for extraction of secrets from the Jenkins...

8.2CVSS7.9AI score0.00569EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/03/21 12:0 a.m.•8 views

Stored XSS vulnerability in jacoco

jacoco 3.3.2 and earlier does not escape class and method names shown on the UI. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control input files for the 'Record JaCoCo coverage report' post-build action. jacoco 3.3.2.1 escapes class and method...

8CVSS5.3AI score0.0056EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/03/08 12:0 a.m.•8 views

XSS vulnerability in plugin manager

Jenkins 2.270 through 2.393 both inclusive, LTS 2.277.1 through 2.375.3 both inclusive does not escape the Jenkins version a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins in the plugin manager. This results in a stored cross-sit...

9.6CVSS7.1AI score0.0184EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/03/08 12:0 a.m.•8 views

Temporary plugin file created with insecure permissions

Jenkins creates a temporary file when a plugin is uploaded from an administrator's computer. Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates this temporary file in the system temporary directory with the default permissions for newly created files. If these permissions are overly...

7CVSS7.6AI score0.00233EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•8 views

Path traversal vulnerability in visualexpert

visualexpert 1.3 and earlier does not restrict the names of files in methods implementing form validation. This allows attackers with Item/Configure permission to check for the existence of an attacker-specified file path on the Jenkins controller file system. As of publication of this advisory,...

4.3CVSS5.1AI score0.01187EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•8 views

CSRF vulnerability and missing permission check in testquality-updater

testquality-updater 1.3 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified username and password. Additionally, this form validation method do...

8.8CVSS6.9AI score0.00723EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•8 views

Session fixation vulnerability in azure-ad

azure-ad 303.va91ef20ee49f and earlier does not invalidate the existing session on login. This allows attackers to use social engineering techniques to gain administrator access to Jenkins. azure-ad 306.va7083923fd50 invalidates the existing session on login...

8.8CVSS7.9AI score0.01018EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•8 views

Missing permission check in ghprb allows enumerating credentials IDs

ghprb 1.42.2 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another vulnerability. As of...

4.3CVSS5.1AI score0.00661EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•8 views

XXE vulnerability on agents in mstest

mstest 1.0.0 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control the contents of the report file for the 'Publish MSTest test result report' post-build step to have agent processes parse a crafted file that uses external...

9.8CVSS8.6AI score0.01215EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/11/15 12:0 a.m.•8 views

XXE vulnerability on agents in violations

violations 0.7.11 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers to to control XML input files for the 'Report Violations' post-build step to have agent processes parse a crafted file that uses external entities for extraction of...

5.5CVSS6AI score0.00262EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/11/15 12:0 a.m.•8 views

Incorrect permission checks in support-core

support-core defines the permission Support/DownloadBundle that allows users without Overall/Administer permission to create and download support bundles containing a limited set of diagnostic information. support-core 1206.v14049fabd860 and earlier does not correctly perform permission checks in...

6.5CVSS6.4AI score0.00649EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/11/15 12:0 a.m.•8 views

Stored XSS vulnerability in naginator

naginator 1.18.1 and earlier does not escape display names of source builds in builds that were triggered via Retry action. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to edit build display names. naginator 1.18.2 escapes display names of source...

8CVSS5.3AI score0.00589EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/11/15 12:0 a.m.•8 views

Arbitrary file read vulnerability in Config Rotator

Config Rotator 2.0.1 and earlier does not restrict a file name query parameter in an HTTP endpoint. This allows unauthenticated attackers to read arbitrary files with .xml extension on the Jenkins controller file system. As of publication of this advisory, there is no fix. Learn why we announce...

7.5CVSS7.4AI score0.01061EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/10/19 12:0 a.m.•8 views

Agent-to-controller security bypass vulnerability in Katalon

Katalon 1.0.32 and earlier implements an agent/controller message that does not limit where it can be executed and allows invoking Katalon with configurable arguments. It allows attackers able to control agent processes to invoke Katalon on the Jenkins controller with attacker-controlled version,...

8.8CVSS8.3AI score0.01088EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/10/19 12:0 a.m.•8 views

Agent-to-controller security bypass vulnerability in compuware-topaz-utilities

compuware-topaz-utilities 1.0.8 and earlier implements an agent/controller message that does not limit where it can be executed. It allows attackers able to control agent processes to obtain the values of Java system properties from the Jenkins controller process. NOTE: This vulnerability is only...

5.3CVSS5.9AI score0.00666EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/10/19 12:0 a.m.•8 views

Agent-to-controller security bypass vulnerability in compuware-scm-downloader

compuware-scm-downloader 2.0.12 and earlier implements an agent/controller message that does not limit where it can be executed. It allows attackers able to control agent processes to obtain the values of Java system properties from the Jenkins controller process. NOTE: This vulnerability is only...

5.3CVSS5.9AI score0.00579EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/10/19 12:0 a.m.•8 views

XXE vulnerability in compuware-topaz-for-total-test

compuware-topaz-for-total-test 2.4.8 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control the input files for the 'Topaz for Total Test - Execute Total Test scenarios' build step to have Jenkins parse a crafted XML documen...

7.5CVSS7.4AI score0.00712EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/09/21 12:0 a.m.•8 views

XXE vulnerability in compuware-common-configuration

compuware-common-configuration 1.0.14 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to change the contents of the Topaz Workbench CLI home directory on agents to have Jenkins parse a crafted file that uses external entities fo...

9.8CVSS8.4AI score0.00787EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/09/21 12:0 a.m.•8 views

Missing hostname validation in view26

view26 1.0.7 and earlier does not perform hostname validation when connecting to the configured View26 server. This lack of validation could be abused using a man-in-the-middle attack to intercept these connections. As of publication of this advisory, there is no fix. Learn why we announce this...

8.1CVSS7.6AI score0.00539EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/09/21 12:0 a.m.•8 views

Lack of authentication mechanism in DotCi webhook

DotCi provides a webhook endpoint at /githook/ that can be used to trigger builds of the job for a GitHub repository. In DotCi 2.40.00 and earlier, this endpoint can be accessed without authentication. This allows unauthenticated attackers to trigger builds of jobs corresponding to the...

9.8CVSS8.2AI score0.00879EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/09/21 12:0 a.m.•8 views

Stored XSS vulnerability in DotCi

DotCi 2.40.00 and earlier does not escape the GitHub user name parameter provided to commit notifications when displaying them in a build cause. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to submit crafted commit notifications to the /githook/...

8.8CVSS5.3AI score0.00587EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/09/21 12:0 a.m.•8 views

API token stored in plain text by CONS3RT

CONS3RT 1.0.0 and earlier stores Cons3rt API token unencrypted in job config.xml files on the Jenkins controller as part of its configuration. This API token can be viewed by users with access to the Jenkins controller file system. As of publication of this advisory, there is no fix. Learn why we...

6.5CVSS6.4AI score0.00676EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/09/09 12:0 a.m.•8 views

HTTP/2 denial of service vulnerability in bundled Jetty

Jenkins bundles Winstone-Jetty, a wrapper around Jetty, to act as HTTP and servlet server when started using java -jar jenkins.war. This is how Jenkins is run when using any of the installers or packages, but not when run using servlet containers such as Tomcat. Jenkins LTS 2.346.3 and earlier,...

7.5CVSS6.5AI score0.0227EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/08/23 12:0 a.m.•8 views

Stored XSS vulnerability in jobConfigHistory

jobConfigHistory 1165.v8cc9fd1f4597 and earlier does not escape the job name on the System Configuration History page. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure job names. jobConfigHistory 1166.vc9f255f45b8a escapes the job name on...

8CVSS5.4AI score0.0059EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/07/27 12:0 a.m.•8 views

CSRF vulnerability in jobConfigHistory

jobConfigHistory 1155.v28a46acc06a5 and earlier does not require POST requests for several HTTP endpoints, resulting in cross-site request forgery CSRF vulnerabilities. These vulnerabilities allow attackers to delete entries from job, agent, and system configuration history, or restore older...

4.3CVSS5AI score0.00362EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/07/27 12:0 a.m.•8 views

Agent-to-controller security bypass in compuware-ispw-operations

compuware-ispw-operations defines a controller/agent message that retrieves Java system properties. compuware-ispw-operations 1.0.8 and earlier does not restrict execution of the controller/agent message to agents. This allows attackers able to control agent processes to retrieve Java system...

8.2CVSS7.9AI score0.0085EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/07/27 12:0 a.m.•8 views

Missing permission checks in openstack-heat allow listing the Jenkins controller file system

openstack-heat 1.5 and earlier does not perform permission checks in methods implementing form validation. This allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system. A sequence of requests can be used to...

4.3CVSS5AI score0.00486EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/07/27 12:0 a.m.•8 views

Missing permission check in deployer-framework allows reading deployment logs

deployer-framework 85.v1d1888e8c021 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Item/Read permission to read deployment logs. deployer-framework 86.v7ba4a55bf3ec requires Deploy Now/Deploy permission to read deployment logs...

4.3CVSS5AI score0.00486EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/07/27 12:0 a.m.•8 views

Missing permission checks in compuware-ispw-operations

compuware-ispw-operations 1.0.8 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to enumerate hosts and ports of Compuware configurations and credentials IDs of credentials stored in Jenkins. Those credentials IDs can be...

4.3CVSS5AI score0.00581EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/07/27 12:0 a.m.•8 views

CSRF vulnerability and missing permission check in google-cloud-backup

google-cloud-backup 0.6 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to request a manual backup. Additionally, this HTTP endpoint does not require POST requests, resulting in a cross-site request forgery CSRF vulnerability...

8CVSS6AI score0.00505EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/07/27 12:0 a.m.•8 views

Missing permission checks in compuware-xpediter-code-coverage

compuware-xpediter-code-coverage 1.0.7 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to enumerate hosts and ports of Compuware configurations and credentials IDs of credentials stored in Jenkins. Those credentials IDs...

4.3CVSS5AI score0.00569EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/07/27 12:0 a.m.•8 views

CSRF vulnerability and missing permission check in coverity allow capturing credentials

coverity 1.11.4 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.8CVSS6.3AI score0.0073EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/06/30 12:0 a.m.•8 views

Stored XSS vulnerability in gitlab-plugin

gitlab-plugin 1.5.34 and earlier does not escape multiple user-provided values shown as part of the build cause of webhook-triggered builds. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission. gitlab-plugin 1.5.35 does not show...

8CVSS5.3AI score0.72518EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/06/30 12:0 a.m.•8 views

Stored XSS vulnerability in plot

plot 2.1.10 and earlier does not escape plot descriptions. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission. As of publication of this advisory, there is no fix. Learn why we announce this...

8CVSS5.3AI score0.80518EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/06/30 12:0 a.m.•8 views

CSRF vulnerability and missing permission checks in xpath-config-viewer

xpath-config-viewer 1.1.1 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to create and delete XPath expressions. Additionally, these HTTP endpoints do not require POST requests, resulting in a cross-site request forgery...

4.3CVSS4.8AI score0.00557EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/06/30 12:0 a.m.•8 views

CSRF vulnerability and missing permission checks in failedJobDeactivator allow disabling jobs

failedJobDeactivator 1.2.1 and earlier does not perform permission checks in several views and HTTP endpoints. This allows attackers with Overall/Read permission to disable jobs. Additionally, these endpoints do not require POST requests, resulting in a cross-site request forgery CSRF...

4.3CVSS4.9AI score0.00557EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/06/22 12:0 a.m.•8 views

CSRF vulnerability and missing permission checks in beaker-builder

beaker-builder 1.10 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL. Additionally, this form validation method does not require POST requests, resulting in a...

6.5CVSS5.4AI score0.00557EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/05/17 12:0 a.m.•8 views

Multiple SCM plugins can check out from the controller file system

SCMs support a number of different URL schemes, including local file system paths e.g. using file: URLs. Historically in Jenkins, only agents checked out from SCM, and if multiple projects share the same agent, there is no expected isolation between builds besides using different workspaces unles...

7.5CVSS6.4AI score0.01382EPSS
Exploits0Affected Software3
Total number of security vulnerabilities1464