Lucene search
K
JenkinsMost viewed

1464 matches found

Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/10/01 12:0 a.m.•8 views

Sandbox bypass vulnerability in script-security

Sandbox protection in script-security could be circumvented through default parameter expressions in constructors. This allowed attackers able to specify and run sandboxed scripts to execute arbitrary code in the context of the Jenkins controller JVM. These expressions are now subject to sandbox...

9.9CVSS8.4AI score0.02698EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/09/25 12:0 a.m.•8 views

XSS vulnerability in combobox form control

Jenkins interpreted items added to f:combobox form controls as HTML. This resulted in a cross-site scripting vulnerability exploitable by attackers able to control the contents of f:combobox form controls. Jenkins no longer interprets items added to a combobox as HTML. NOTE ====== This might be a...

5.4CVSS5.2AI score0.01033EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/09/25 12:0 a.m.•8 views

Stored XSS vulnerability in expandable textbox form control

Jenkins form controls include an expandable textbox that can transform from a single-line text box to a multi-line text area. The implementation of this transformation interpreted the text content of the form field as HTML. This resulted in a cross-site scripting vulnerability exploitable by...

5.4CVSS5.2AI score0.01033EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/09/25 12:0 a.m.•8 views

Stored XSS vulnerability in SCM tag action tooltip

Jenkins did not escape the tag name on the tooltip for tag actions shown in the build history. This resulted in a cross-site scripting vulnerability exploitable by attackers able to control the SCM tag name for these actions. Jenkins now escapes the SCM tag action...

5.4CVSS5.3AI score0.01033EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/09/25 12:0 a.m.•8 views

inedo-buildmaster showed plain text password in configuration form

inedo-buildmaster stores a service password in its global Jenkins configuration. While the password is stored encrypted on disk, it was transmitted in plain text as part of the configuration form. This could result in exposure of the password through browser extensions, cross-site scripting...

7.5CVSS5.5AI score0.00947EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/09/25 12:0 a.m.•8 views

datatheorem-mobile-app-security stored credentials in plain text

datatheorem-mobile-app-security stored a proxy password unencrypted in job config.xml files on the Jenkins controller. This password could be viewed by users with Extended Read permission, or access to the Jenkins controller file system. datatheorem-mobile-app-security now stores the proxy passwo...

6.5CVSS5.6AI score0.01001EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/09/25 12:0 a.m.•8 views

Script sandbox bypass vulnerability in Kubernetes Pipeline - Kubernetes Steps Plugin

Kubernetes Pipeline - Kubernetes Steps Plugin defines a custom list of pre-approved signatures for all scripts protected by the Script Security sandbox. This custom list of pre-approved signatures allows the use of methods that can be used to bypass Script Security sandbox protection. This result...

9.9CVSS9AI score0.01205EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/09/25 12:0 a.m.•8 views

aqua-security-scanner showed plain text password in configuration form

aqua-security-scanner stores a password in its global Jenkins configuration. While the password is stored encrypted on disk, it was transmitted in plain text as part of the configuration form. This could result in exposure of the password through browser extensions, cross-site scripting...

7.5CVSS7AI score0.00888EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/09/12 12:0 a.m.•8 views

System command execution vulnerability in git-client

git-client accepts user-specified values as argument to an invocation of git ls-remote to validate the existence of a Git repository at the specified URL. This was implemented in a way that allowed attackers with Job/Configure permission to execute an arbitrary system command on the Jenkins...

8.8CVSS8.1AI score0.25779EPSS
Exploits1Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/08/28 12:0 a.m.•8 views

Sandbox Bypass in splunk-devops

splunk-devops has a form validation HTTP endpoint used to validate a user-submitted Groovy script through compilation, which was not subject to sandbox protection. This allowed attackers with Overall/Read access to execute arbitrary code on the Jenkins controller by applying AST transforming...

8.8CVSS8.5AI score0.01677EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/08/07 12:0 a.m.•8 views

CSRF vulnerability and missing permission check in jclouds-jenkins allowed capturing credentials

jclouds-jenkins did not perform permission checks on a method implementing form validation. This allowed users with Overall/Read access to Jenkins to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in...

8.8CVSS6.5AI score0.00974EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/08/07 12:0 a.m.•8 views

Reflected XSS vulnerability in jenkinswalldisplay

jenkinswalldisplay does not properly escape the customTheme query parameter, resulting in a reflected cross-site scripting vulnerability. As of publication of this advisory, there is no fix...

6.1CVSS5.8AI score0.00816EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/08/07 12:0 a.m.•8 views

eggplant-plugin stores credentials in plain text

eggplant-plugin stores credentials unencrypted in job config.xml files on the Jenkins controller. These credentials can be viewed by users with Extended Read permission, or access to the Jenkins controller file system. As of publication of this advisory, there is no fix...

6.5CVSS5.3AI score0.01482EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/07/31 12:0 a.m.•8 views

configuration-as-code allowed users without Overall/Administer permission to access documentation

configuration-as-code provides a generated schema and reference documentation for the configuration options supported on the current Jenkins instance. These URLs did not perform additional permission checks, resulting in their content being available to users with Overall/Read access. This includ...

4.3CVSS5.1AI score0.00691EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/07/31 12:0 a.m.•8 views

configuration-as-code did not mask proxy credentials

configuration-as-code provides a custom configurator for the Jenkins proxy configuration. This feature did not mask the password for logging or encrypt it in the export. configuration-as-code 1.20 and newer mask the Jenkins proxy password when logged and only store it encrypted in the export...

5.5CVSS5.7AI score0.0033EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/07/17 12:0 a.m.•8 views

CSRF protection tokens did not expire

By default, CSRF tokens in Jenkins only checked user authentication and IP address. This allowed attackers able to obtain a CSRF token for another user to implement CSRF attacks as long as the victim's IP address remained unchanged. CSRF tokens will now also check the web session ID to confirm th...

7.5CVSS7AI score0.01502EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/07/11 12:0 a.m.•8 views

Users with Overall/Read access could enumerate credential IDs in docker-plugin

docker-plugin provides a list of applicable credential IDs to allow users configuring the plugin to select the one to use. This functionality did not correctly check permissions, allowing any user with Overall/Read permission to get a list of valid credentials IDs. Those could be used as part of ...

4.3CVSS5.1AI score0.01361EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/06/11 12:0 a.m.•8 views

CSRF vulnerability and missing permission check in jx-resources

jx-resources did not perform permission checks on a method implementing form validation. This allowed users with Overall/Read access to Jenkins to connect to an attacker-specified Kubernetes server and obtain information about an attacker-specified namespace. Doing so might also leak service...

8.8CVSS6.8AI score0.01832EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/06/11 12:0 a.m.•8 views

XSS vulnerability in build metadata contributed by electricflow

The plugin adds metadata displayed on build pages during its operations. Any user content was not escaped, resulting in a cross-site scripting vulnerability allowing users with Job/Configure permission, or attackers controlling API responses received from ElectricFlow to render arbitrary HTML and...

5.4CVSS5.5AI score0.01133EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/05/31 12:0 a.m.•8 views

CSRF vulnerability in artifactory

artifactory implements a number of API endpoints allowing users to trigger various actions related to releasing and promotion. These endpoints do not require POST requests, resulting in a cross-site request forgery vulnerability. As of publication of this advisory, no release containing a fix is...

6.5CVSS6.3AI score0.00751EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/05/31 12:0 a.m.•8 views

influxdb stored credentials in plain text

influxdb stored target passwords unencrypted in its global configuration file on the Jenkins controller. These credentials could be viewed by users with access to the Jenkins controller file system. influxdb now stores its passwords encrypted...

8.8CVSS7.9AI score0.01763EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/05/21 12:0 a.m.•8 views

Missing permission check allowed obtaining limited information about system configuration in pam-auth

A missing permission check in pam-auth allowed users with Overall/Read permission to invoke a form validation method to obtain limited information about the file /etc/shadow on systems with that file present, as well as the system user the Jenkins process is running as. Depending on configuration...

4.3CVSS5.1AI score0.00786EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/05/21 12:0 a.m.•8 views

Certificate file read vulnerability in credentials

Credentials Plugin allowed the creation of Certificate credentials from a PKCS12 file on the Jenkins controller. Users with permission to create or update credentials could use the associated form validation to confirm the existence of files with an attacker-specified path. Additionally, they cou...

4.3CVSS5.6AI score0.00969EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/17 12:0 a.m.•8 views

Sandbox bypass in ontrack

ontrack supports sandboxed Groovy expressions. Its sandbox protection could be circumvented during parsing, compilation, and script instantiation by providing a crafted Groovy script. This allowed users able to control the plugin’s job-specific configuration to bypass the sandbox protection and...

9.9CVSS8.8AI score0.02393EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/17 12:0 a.m.•8 views

CSRF vulnerability and missing permission checks in gitlab-plugin allowed capturing credentials

gitlab-plugin did not perform permission checks on a method implementing form validation. This allowed users with Overall/Read access to Jenkins to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkin...

8.8CVSS7.5AI score0.01373EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/17 12:0 a.m.•8 views

CSRF vulnerability and missing permission check in deployit-plugin

A missing permission check in a form validation method in deployit-plugin allows users with Overall/Read permission to initiate a connection test to an attacker-specified server with attacker-specified credentials. Additionally, the form validation method does not require POST requests, resulting...

6.5CVSS5.8AI score0.01051EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/17 12:0 a.m.•8 views

azure-publishersettings-credentials stored credentials in plain text

azure-publishersettings-credentials stored the service management certificate unencrypted in credentials.xml on the Jenkins controller. These credentials could be viewed by users with access to the Jenkins controller file system. azure-publishersettings-credentials has been deprecated...

8.8CVSS6.2AI score0.01373EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/03 12:0 a.m.•8 views

jenkins-jira-issue-updater stores credentials in plain text

jenkins-jira-issue-updater stores credentials unencrypted in job config.xml files on the Jenkins controller. These credentials can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

8.8CVSS6.3AI score0.01365EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/03 12:0 a.m.•8 views

Bitbucket Approve Plugin stores credentials in plain text

Bitbucket Approve Plugin stores credentials unencrypted in its global configuration file org.jenkinsci.plugins.bitbucketapprove.BitbucketApprover.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

8.8CVSS6.2AI score0.01365EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/03 12:0 a.m.•8 views

snsnotify stores credentials in plain text

snsnotify stores credentials unencrypted in its global configuration file org.jenkinsci.plugins.snsnotify.AmazonSNSNotifier.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

8.8CVSS6.2AI score0.01365EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/03 12:0 a.m.•8 views

aws-device-farm stores credentials in plain text

aws-device-farm stores credentials unencrypted in its global configuration file org.jenkinsci.plugins.awsdevicefarm.AWSDeviceFarmRecorder.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

8.8CVSS6.2AI score0.01365EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/03 12:0 a.m.•8 views

Aqua Security Scanner Plugin stores credentials in plain text

Aqua Security Scanner Plugin stores credentials unencrypted in its global configuration file org.jenkinsci.plugins.aquadockerscannerbuildstep.AquaDockerScannerBuilder.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

8.8CVSS6.2AI score0.01365EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/03 12:0 a.m.•8 views

veracode-scanner Plugin stores credentials in plain text

veracode-scanner Plugin stores credentials unencrypted in its global configuration file org.jenkinsci.plugins.veracodescanner.VeracodeNotifier.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

8.8CVSS6.2AI score0.01365EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/03 12:0 a.m.•8 views

wildfly-deployer stores credentials in plain text

wildfly-deployer stores deployment credentials unencrypted in job config.xml files on the Jenkins controller. These credentials can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

8.8CVSS6.3AI score0.01365EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/03 12:0 a.m.•8 views

koji stores credentials in plain text

koji stores credentials unencrypted in its global configuration file org.jenkinsci.plugins.koji.KojiBuilder.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

8.8CVSS6.2AI score0.01773EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/03 12:0 a.m.•8 views

CSRF vulnerability and missing permission check in ftppublisher allow connecting to arbitrary FTP servers

A missing permission check in a form validation method in ftppublisher allows users with Overall/Read permission to initiate a connection test to an attacker-specified FTP server with attacker-specified credentials. Additionally, the form validation method does not require POST requests, resultin...

6.5CVSS6.3AI score0.01486EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/03 12:0 a.m.•8 views

deployhub stores credentials in plain text

deployhub stores credentials unencrypted in job config.xml files on the Jenkins controller. These credentials can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

8.8CVSS6.3AI score0.01773EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/03 12:0 a.m.•8 views

kmap-jenkins stores credentials in plain text

kmap-jenkins stores credentials unencrypted in job config.xml files on the Jenkins controller. These credentials can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

8.8CVSS7.9AI score0.01773EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/03 12:0 a.m.•8 views

sra-deploy stores credentials in plain text

sra-deploy stores credentials unencrypted in its global configuration file com.urbancode.ds.jenkins.plugins.serenarapublisher.UrbanDeployPublisher.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

8.8CVSS6.2AI score0.01773EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/03 12:0 a.m.•8 views

sametime stores credentials in plain text

sametime stores credentials unencrypted in its global configuration file hudson.plugins.sametime.im.transport.SametimePublisher.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

8.8CVSS6.2AI score0.01773EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/03/25 12:0 a.m.•8 views

Unprivileged users with Overall/Read access were able to enumerate credential IDs in Arxan MAM Publisher Plugin

Arxan MAM Publisher Plugin provides a list of applicable credential IDs to allow administrators configuring the plugin to select the one to use. This functionality did not check permissions, allowing any user with Overall/Read permission to get a list of valid credentials IDs. Those could be used...

4.3CVSS5.4AI score
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/03/25 12:0 a.m.•8 views

CSRF vulnerability and missing permission checks in Slack Notification Plugin allowed capturing credentials

Slack Notification Plugin did not perform permission checks on a method implementing form validation. This allowed users with Overall/Read access to Jenkins to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stor...

7.5CVSS6AI score0.0146EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/03/06 12:0 a.m.•8 views

Script security sandbox bypass in Email Extension Plugin

Email Extension Plugin supports sandboxed Groovy expressions for multiple features. Its sandbox protection could be circumvented during parsing, compilation, and script instantiation by providing a crafted Groovy script. This allowed users able to control the plugin's job-specific configuration t...

9.9CVSS8.9AI score0.02439EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/02/19 12:0 a.m.•8 views

SSRF vulnerability due to missing permission check in JMS Messaging Plugin

A missing permission check in a form validation method in JMS Messaging Plugin allowed users with Overall/Read permission to initiate a connection test, sending an HTTP request to an attacker-specified URL. Additionally, this form validation method did not require POST requests, resulting in a CS...

4.3CVSS5AI score0.00674EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/02/19 12:0 a.m.•8 views

SSRF vulnerability due to missing permission check in Acunetix Plugin

A missing permission check in a form validation method in Acunetix Plugin allowed users with Overall/Read permission to initiate a connection test, sending an HTTP GET request to an attacker-specified URL, adding a /me suffix, returning whether the connection could be established and whether the...

4.3CVSS5.5AI score
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/01/28 12:0 a.m.•8 views

XSS vulnerability in Warnings Next Generation Plugin

Warnings Next Generation Plugin did not properly escape HTML content in warnings displayed on the Jenkins UI, resulting in a cross-site scripting vulnerability exploitable by users able to control warnings parser input. Warnings Next Generation Plugin now removes unsafe HTML content from warnings...

6.1CVSS5.9AI score0.01041EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/01/28 12:0 a.m.•8 views

Blue Ocean did not require CSRF tokens

Blue Ocean did not require CSRF tokens "crumbs" for POST requests with the Content-Type: application/json. Blue Ocean now requires that valid CSRF tokens are present in POST requests...

6.5CVSS6.3AI score0.01108EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/01/28 12:0 a.m.•8 views

Improper certificate validation with StartTLS in Active Directory Plugin

Active Directory Plugin performs TLS upgrade StartTLS after connecting to domain controllers through insecure LDAP. In this mode, certificates were not properly validated, effectively trusting all certificates, allowing man-in-the-middle attacks. This only affected TLS upgrades. The LDAPS mode,...

7.4CVSS7.3AI score0.00778EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2018/12/05 12:0 a.m.•8 views

Workspace browser allowed accessing files outside the workspace

The file browser for workspaces, archived artifacts, and $JENKINSHOME/userContent/ followed symbolic links to locations outside the directory being browsed. While builds typically have access to the file system outside the workspace allocated by Jenkins, this should not extend to beyond the...

4.3CVSS5.8AI score0.01366EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2018/09/25 12:0 a.m.•8 views

Reflected XSS vulnerability in Job Config History Plugin

Job Config History Plugin did not escape some query parameters shown on its pages, resulting in a reflected cross-site scripting XSS vulnerability. Job Config History Plugin now globally applies variable escaping to its pages...

6.1CVSS5.8AI score0.00842EPSS
Exploits0Affected Software1
Total number of security vulnerabilities1464