Lucene search
+L
JenkinsMost viewed

1464 matches found

Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/01/12 12:0 a.m.•8 views

CSRF vulnerability in cloudbees-bitbucket-branch-source allows capturing credentials

cloudbees-bitbucket-branch-source 737.vdf9dc06105be and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery CSRF vulnerability. This allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified...

7.1CVSS7AI score0.00655EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/01/12 12:0 a.m.•8 views

Password stored in plain text by Publish Over SSH

Publish Over SSH 1.22 and earlier stores password unencrypted in its global configuration file jenkins.plugins.publishoverssh.BapSshPublisherPlugin.xml on the Jenkins controller as part of its configuration. This password can be viewed by users with access to the Jenkins controller file system. A...

3.3CVSS4.8AI score0.00307EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/01/12 12:0 a.m.•8 views

CSRF vulnerability in batch task

batch task 1.19 and earlier does not require POST requests for several HTTP endpoints, resulting in cross-site request forgery CSRF vulnerabilities. These vulnerabilities allow attackers with Overall/Read access to retrieve logs, build or delete a batch task. As of publication of this advisory,...

5.8CVSS5.6AI score0.00579EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/01/12 12:0 a.m.•8 views

Stored XSS vulnerability in Publish Over SSH

Publish Over SSH 1.22 and earlier does not escape the SSH server name. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Overall/Administer permission. As of publication of this advisory, there is no fix. Learn why we announce this...

6.8CVSS4.9AI score0.00819EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/01/12 12:0 a.m.•8 views

CSRF vulnerability and missing permission checks in Publish Over SSH

Publish Over SSH 1.22 and earlier does not perform permission checks in methods implementing connection tests. This allows attackers with Overall/Read access to connect to an attacker-specified SSH server using attacker-specified credentials. Additionally, these connection tests methods do not...

6.5CVSS5.5AI score0.26546EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/01/12 12:0 a.m.•8 views

Improper credentials masking in hashicorp-vault-plugin

Pipelines display commands executed in their Pipeline step descriptions and their output in build logs. To mask sensitive output, Pipeline: Groovy Plugin 2.84 and earlier specified an allowlist of known non-sensitive variables and masked everything else. This caused problems, so Pipeline: Groovy...

6.5CVSS6.5AI score0.00959EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/01/12 12:0 a.m.•8 views

Path traversal vulnerability in Publish Over SSH

Publish Over SSH 1.22 and earlier performs a validation of the file name specifying whether it is present or not. This results in a path traversal vulnerability allowing attackers with Item/Configure permission to discover the name of the Jenkins controller files. As of publication of this...

4.3CVSS5AI score0.01504EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/10/06 12:0 a.m.•8 views

Improper handling of equivalent directory names on Windows

Jenkins stores jobs and other entities on disk using their name shown on the UI as file and folder names. On Windows, when specifying a file or folder with a trailing dot character example., the file or folder will be treated as if that character was not present example. As both are legal names f...

6.3CVSS5AI score0.00967EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/10/06 12:0 a.m.•8 views

Path traversal vulnerability on Windows

The file browser for workspaces, archived artifacts, and userContent/ in Jenkins 2.314 and earlier, LTS 2.303.1 and earlier may interpret some paths to files as absolute on Windows. This results in a path traversal vulnerability allowing attackers with Overall/Read permission Windows controller o...

6.5CVSS6.5AI score0.02103EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/08/31 12:0 a.m.•8 views

saml allows bypassing CSRF protection for any URL

An extension point in Jenkins allows selectively disabling cross-site request forgery CSRF protection for specific URLs. saml implements this extension point for the URL that users are redirected to after login. In saml 2.0.7 and earlier this implementation is too permissive, allowing attackers t...

8.8CVSS7.8AI score0.0081EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/06/10 12:0 a.m.•8 views

Missing permission checks allow enumerating credentials IDs in kubernetes-cli

kubernetes-cli 1.10.0 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another...

4.3CVSS5.1AI score0.0164EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/05/11 12:0 a.m.•8 views

Missing permission checks in s3 allow obtaining metadata about artifacts

s3 0.11.6 and earlier does not perform Run/Artifacts permission checks in various HTTP endpoints and API models. This allows attackers with Item/Read permission to obtain information about artifacts uploaded to S3, if the optional Run/Artifacts permission is enabled. s3 0.11.7 requires...

4.3CVSS5.1AI score0.00712EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/05/11 12:0 a.m.•8 views

Missing permission check in xray-connector allows enumerating credentials IDs

xray-connector 2.4.0 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another vulnerability...

4.3CVSS5.1AI score0.00865EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/05/11 12:0 a.m.•8 views

CSRF vulnerability in xray-connector allows capturing credentials

xray-connector 2.4.0 and earlier does not require POST requests for a connection test method, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another...

7.1CVSS7AI score0.00642EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/04/21 12:0 a.m.•8 views

XXE vulnerability in config-file-provider

config-file-provider 3.7.0 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers with the ability to define Maven configuration files to have Jenkins parse a crafted configuration file that uses external entities for extraction of secrets...

8.1CVSS7.8AI score0.3783EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/04/21 12:0 a.m.•8 views

Missing permission checks in config-file-provider allow enumerating configuration file IDs

config-file-provider 3.7.0 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to enumerate configuration file IDs. An enumeration of configuration file IDs in config-file-provider 3.7.1 requires the appropriate permissions...

4.3CVSS5.5AI score0.00887EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/04/07 12:0 a.m.•8 views

Lack of type validation in agent related REST API

Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not validate the type of object created after loading the data submitted to the config.xml REST API endpoint of a node. This allows attackers with Computer/Configure permission to replace a node with one of a different type. Jenkins 2.287, L...

4.3CVSS5AI score0.02725EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/04/07 12:0 a.m.•8 views

View name validation bypass

Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not properly check that a newly created view has an allowed name. When a form to create a view is submitted, the name is included twice in the submission. One instance is validated, but the other instance is used to create the value. This...

4.3CVSS5AI score0.01905EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/01/13 12:0 a.m.•8 views

Path traversal vulnerability in agent names

Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows users with Agent/Configure permission to choose agent names that cause Jenkins to override unrelated config.xml files. If the global config.xml file is replaced, Jenkins will start up with unsafe legacy defaults after a restart. Jenkins...

8CVSS7.5AI score0.02219EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/01/13 12:0 a.m.•8 views

Reflected XSS vulnerability in markup formatter preview

Jenkins allows administrators to choose the markup formatter to use for descriptions of jobs, builds, views, etc. displayed in Jenkins. When editing such a description, users can choose to have Jenkins render a formatted preview of the description they entered. Jenkins 2.274 and earlier, LTS...

7.5CVSS6.2AI score0.01185EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/01/13 12:0 a.m.•8 views

Arbitrary file read vulnerability in workspace browsers

The file browser for workspaces, archived artifacts, and $JENKINSHOME/userContent/ follows symbolic links to locations outside the directory being browsed in Jenkins 2.274 and earlier, LTS 2.263.1 and earlier. This allows attackers with Job/Workspace permission and the ability to control workspac...

6.5CVSS5.5AI score0.02226EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/11/04 12:0 a.m.•8 views

Login allowed with empty password by active-directory

active-directory implements two separate modes: Integration with ADSI on Windows, and an OS agnostic LDAP-based mode. The Windows/ADSI mode does not specifically prohibit use of empty passwords in active-directory 2.19 and earlier. If the Active Directory server allows the unauthenticated bind...

9.8CVSS8.4AI score0.01652EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/11/04 12:0 a.m.•8 views

Missing permission check in active-directory allows accessing domain health check page

active-directory 2.19 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to access the domain health check diagnostic page. active-directory 2.20 requires Overall/Administer permission to access the domain health check diagnosti...

4.3CVSS5.1AI score0.00668EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/11/04 12:0 a.m.•8 views

CSRF vulnerability in active-directory

active-directory 2.19 and earlier does not require POST requests for multiple HTTP endpoints implementing connection and authentication tests, resulting in cross-site request forgery CSRF vulnerabilities. This vulnerability allows attackers to perform connection tests, connecting to...

4.3CVSS5AI score0.00671EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/11/04 12:0 a.m.•8 views

Stored XSS vulnerability in Static Analysis Utilities

Static Analysis Utilities 1.96 and earlier does not escape the annotation message in tooltips. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission. As of publication of this advisory, there is no fix...

8CVSS5.3AI score0.00711EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/11/04 12:0 a.m.•8 views

Password written to the build log by sqlplus-script-runner

sqlplus-script-runner 2.0.12 and earlier prints the sqlplus command invocation to the build log. This log message does not redact a password provided as part of a command line argument. This password can be viewed by users with Item/Read permission. sqlplus-script-runner 2.0.13 no longer prints t...

6.5CVSS6.5AI score0.00977EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/10/08 12:0 a.m.•8 views

Stored XSS vulnerability in uno-choice

uno-choice 2.4 and earlier does not escape List and Map return values of sandboxed scripts for Reactive Reference Parameter. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission. This issue is caused by an incomplete fix for...

8CVSS5.3AI score0.00903EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/10/08 12:0 a.m.•8 views

Request logging could be bypassed in audit-trail

audit-trail logs requests whose URL path matches an admin-configured regular expression. A discrepancy between the behavior of the plugin and the Stapler web framework in parsing URL paths allows attackers to craft URLs that would bypass request logging in audit-trail 3.6 and earlier. This only...

5.3CVSS5.7AI score0.01169EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/23 12:0 a.m.•8 views

Sandbox bypass vulnerability in script-security

script-security provides a sandbox feature that allows low privileged users to define scripts, including Pipelines, that are generally safe to execute. Calls to code defined inside a sandboxed script are intercepted, and various allowlists are checked to determine whether the call is to be allowe...

9.9CVSS8.7AI score0.02126EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/23 12:0 a.m.•8 views

Stored XSS vulnerability in liquibase-runner

liquibase-runner 1.4.5 and earlier does not escape changeset contents when showing them on the build page. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide Liquibase changesets evaluated by the plugin. liquibase-runner 1.4.7 no longer suppor...

8CVSS5.4AI score0.00735EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/16 12:0 a.m.•8 views

CSRF vulnerability and missing permission checks in mongodb

mongodb 1.3 and earlier does not perform permission checks in methods implementing form validation. This allows attackers with Overall/Read permission to gain access to some metadata of any arbitrary files on the Jenkins controller. Additionally, these form validation methods do not require POST...

8.8CVSS6.4AI score0.00691EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/16 12:0 a.m.•8 views

Stored XSS vulnerability in android-lint

android-lint 2.6 and earlier does not escape the annotation message in tooltips. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide report files to the 'Publish Android Lint results' post-build step. As of publication of this advisory, there i...

8CVSS5.3AI score0.00735EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/16 12:0 a.m.•8 views

Path traversal vulnerability in blueocean

blueocean 1.23.2 and earlier provides an undocumented feature flag, blueocean.features.GITREADSAVETYPE, that when set to the value clone allows an attacker with Item/Configure or Item/Create permission to read arbitrary files on the Jenkins controller file system. blueocean 1.23.3 no longer...

6.5CVSS6.5AI score0.02126EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/16 12:0 a.m.•8 views

Missing permission check in perfecto

perfecto 1.17 and earlier does not perform a permission check in a method implementing a connection test. This allows attackers with Overall/Read permission to connect to an attacker-specified HTTP URL using attacker-specified username and password. perfecto 1.18 requires Overall/Administer...

4.3CVSS5.1AI score0.00656EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/16 12:0 a.m.•8 views

Passwords stored in plain text by elastest

elastest 1.2.1 and earlier stores its server password in plain text in the global configuration file jenkins.plugins.elastest.ElasTestInstallation.xml. This password can be viewed by users with access to the Jenkins controller file system. As of publication of this advisory, there is no fix...

5.5CVSS5.7AI score0.00259EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/01 12:0 a.m.•8 views

CSRF vulnerability and missing permission checks in database

database 1.6 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read access to Jenkins to connect to an attacker-specified database server using attacker-specified username and password. Additionally, this form validation...

8.8CVSS6.9AI score0.00715EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/01 12:0 a.m.•8 views

Credentials stored in plain text by tfs

tfs 5.157.1 and earlier stores a webhook secret unencrypted in its global configuration file hudson.plugins.tfs.TeamPluginGlobalConfig.xml on the Jenkins controller as part of its configuration. This secret can be viewed by attackers with access to the Jenkins controller file system. As of...

3.3CVSS4.8AI score0.00257EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/01 12:0 a.m.•8 views

Secret stored in plain text by Parameterized-Remote-Trigger

Parameterized-Remote-Trigger 3.1.3 and earlier stores a secret unencrypted in its global configuration file org.jenkinsci.plugins.ParameterizedRemoteTrigger.RemoteBuildConfiguration.xml on the Jenkins controller as part of its configuration. This secret can be viewed by attackers with access to t...

4.3CVSS5.1AI score0.00524EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/08/12 12:0 a.m.•8 views

SMTP password transmitted and displayed in plain text by email-ext

email-ext stores an SMTP password in its global configuration file hudson.plugins.emailext.ExtendedEmailPublisher.xml on the Jenkins controller as part of its configuration. While this password is stored encrypted on disk, it is transmitted and displayed in plain text as part of the configuration...

7.5CVSS7.3AI score0.00755EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/08/12 12:0 a.m.•8 views

Stored XSS vulnerability in yet-another-build-visualizer

yet-another-build-visualizer 1.11 and earlier does not escape tooltip content. This results in a stored cross-site scripting XSS vulnerability exploitable by users with Run/Update permission. yet-another-build-visualizer 1.12 escapes tooltip content...

8CVSS6.3AI score0.00735EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/08/12 12:0 a.m.•8 views

CSRF vulnerability in flaky-test-handler

flaky-test-handler 1.0.4 and earlier does not require POST requests for the "Deflake this build" feature, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to rebuild a project at a previous git revision where the tests were failing. As of publicati...

4.3CVSS4.9AI score0.00679EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/07/15 12:0 a.m.•8 views

Stored XSS vulnerability in single axis builds tooltips in matrix-project

matrix-project 1.16 and earlier does not escape node names shown in tooltips on the overview page of builds with a single axis. This results in a stored cross-site scripting XSS vulnerability exploitable by users with Agent/Configure permission. matrix-project 1.17 escapes the node names shown in...

8CVSS5.8AI score0.00919EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/07/15 12:0 a.m.•8 views

Stored XSS vulnerability in job build time trend

Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape the agent name on build time trend pages. This results in a stored cross-site scripting XSS vulnerability exploitable by users with Agent/Configure permission. Jenkins 2.245, LTS 2.235.2 escapes the agent name...

8CVSS5.3AI score0.01023EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/07/02 12:0 a.m.•8 views

CSRF vulnerability and missing permission checks in fortify-on-demand-uploader

fortify-on-demand-uploader 5.0.1 and earlier does not perform permission checks on a method implementing form validation. This allows users with Overall/Read access to Jenkins to connect to the globally configured Fortify on Demand endpoint using attacker-specified credentials IDs obtained throug...

5.5CVSS5AI score0.00665EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/07/02 12:0 a.m.•8 views

Stored XSS vulnerability in sonargraph-integration

sonargraph-integration 3.0.0 and earlier does not escape the file path for the Log file field form validation. This results in a stored cross-site scripting XSS vulnerability that can be exploited by users with Job/Configure permission. sonargraph-integration 3.0.1 escapes the affected part of th...

5.4CVSS5.3AI score0.00735EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/07/02 12:0 a.m.•8 views

Passwords transmitted in plain text by StashBranchParameter

StashBranchParameter stores Stash API passwords in its global configuration file org.jenkinsci.plugins.StashBranchParameter.StashBranchParameterDefinition.xml on the Jenkins controller as part of its configuration. While the password is stored encrypted on disk, it is transmitted in plain text as...

4.3CVSS4.8AI score0.00657EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/07/02 12:0 a.m.•8 views

Secret stored in plain text by slack-uploader

slack-uploader 1.7 and earlier stores a secret unencrypted in job config.xml files as part of its configuration. This secret can be viewed by users with Extended Read permission or access to the Jenkins controller file system. As of publication of this advisory, there is no fix...

4.3CVSS5.1AI score0.00691EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/06/03 12:0 a.m.•8 views

XSS vulnerability in svn-partial-release-mgr

svn-partial-release-mgr 1.0.1 and earlier does not escape the error message for the repository URL field form validation. This results in a reflected cross-site scripting XSS vulnerability that can also be exploited similar to a stored cross-site scripting vulnerability by users with Job/Configur...

6.1CVSS5.8AI score0.06189EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/06/03 12:0 a.m.•8 views

Missing permission check in project-inheritance

Jenkins limits access to job configuration XML data config.xml to users with Job/ExtendedRead permission, typically implied by Job/Configure permission. project-inheritance has several job inspection features, including the API URL /job/.../getConfigAsXML for its Inheritance Project job type that...

6.5CVSS5.5AI score0.00798EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/06/03 12:0 a.m.•8 views

Stored XSS vulnerability in script-security

script-security 1.72 and earlier does not correctly escape pending or approved classpath entries on the In-process Script Approval page. This results in a stored cross-site scripting XSS vulnerability exploitable by users able to configure sandboxed scripts. script-security 1.73 escapes pending a...

5.4CVSS5.3AI score0.0076EPSS
Exploits0Affected Software1
Total number of security vulnerabilities1464