Lucene search
+L
JenkinsMost viewed

1464 matches found

Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/11/04 12:0 a.m.•8 views

Password written to the build log by sqlplus-script-runner

sqlplus-script-runner 2.0.12 and earlier prints the sqlplus command invocation to the build log. This log message does not redact a password provided as part of a command line argument. This password can be viewed by users with Item/Read permission. sqlplus-script-runner 2.0.13 no longer prints t...

6.5CVSS6.5AI score0.00977EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/10/08 12:0 a.m.•8 views

Incorrect default pattern in audit-trail

audit-trail uses regular expressions to match requested URLs whose dispatch should be logged. In audit-trail 3.6 and earlier, the default regular expression pattern could be bypassed in many cases by adding a suffix to the URL that would be ignored during request handling. audit-trail 3.7 changes...

5.3CVSS5.7AI score0.00952EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/10/08 12:0 a.m.•8 views

Stored XSS vulnerability in release

release 2.10.2 and earlier does not escape the release version in the badge tooltip. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Release/Release permission. As of publication of this advisory, there is no fix...

8CVSS5.3AI score0.00735EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/10/08 12:0 a.m.•8 views

Request logging could be bypassed in audit-trail

audit-trail logs requests whose URL path matches an admin-configured regular expression. A discrepancy between the behavior of the plugin and the Stapler web framework in parsing URL paths allows attackers to craft URLs that would bypass request logging in audit-trail 3.6 and earlier. This only...

5.3CVSS5.7AI score0.01169EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/10/08 12:0 a.m.•8 views

Stored XSS vulnerability in uno-choice

uno-choice 2.4 and earlier does not escape List and Map return values of sandboxed scripts for Reactive Reference Parameter. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission. This issue is caused by an incomplete fix for...

8CVSS5.3AI score0.00903EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/23 12:0 a.m.•8 views

Sandbox bypass vulnerability in script-security

script-security provides a sandbox feature that allows low privileged users to define scripts, including Pipelines, that are generally safe to execute. Calls to code defined inside a sandboxed script are intercepted, and various allowlists are checked to determine whether the call is to be allowe...

9.9CVSS8.7AI score0.02126EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/23 12:0 a.m.•8 views

Stored XSS vulnerability in liquibase-runner

liquibase-runner 1.4.5 and earlier does not escape changeset contents when showing them on the build page. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide Liquibase changesets evaluated by the plugin. liquibase-runner 1.4.7 no longer suppor...

8CVSS5.4AI score0.00735EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/16 12:0 a.m.•8 views

Passwords stored in plain text by elastest

elastest 1.2.1 and earlier stores its server password in plain text in the global configuration file jenkins.plugins.elastest.ElasTestInstallation.xml. This password can be viewed by users with access to the Jenkins controller file system. As of publication of this advisory, there is no fix...

5.5CVSS5.7AI score0.00259EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/16 12:0 a.m.•8 views

Path traversal vulnerability in blueocean

blueocean 1.23.2 and earlier provides an undocumented feature flag, blueocean.features.GITREADSAVETYPE, that when set to the value clone allows an attacker with Item/Configure or Item/Create permission to read arbitrary files on the Jenkins controller file system. blueocean 1.23.3 no longer...

6.5CVSS6.5AI score0.02126EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/16 12:0 a.m.•8 views

Missing permission check in perfecto

perfecto 1.17 and earlier does not perform a permission check in a method implementing a connection test. This allows attackers with Overall/Read permission to connect to an attacker-specified HTTP URL using attacker-specified username and password. perfecto 1.18 requires Overall/Administer...

4.3CVSS5.1AI score0.00656EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/16 12:0 a.m.•8 views

Stored XSS vulnerability in android-lint

android-lint 2.6 and earlier does not escape the annotation message in tooltips. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide report files to the 'Publish Android Lint results' post-build step. As of publication of this advisory, there i...

8CVSS5.3AI score0.00735EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/16 12:0 a.m.•8 views

CSRF vulnerability and missing permission checks in mongodb

mongodb 1.3 and earlier does not perform permission checks in methods implementing form validation. This allows attackers with Overall/Read permission to gain access to some metadata of any arbitrary files on the Jenkins controller. Additionally, these form validation methods do not require POST...

8.8CVSS6.4AI score0.00691EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/01 12:0 a.m.•8 views

Secret stored in plain text by Parameterized-Remote-Trigger

Parameterized-Remote-Trigger 3.1.3 and earlier stores a secret unencrypted in its global configuration file org.jenkinsci.plugins.ParameterizedRemoteTrigger.RemoteBuildConfiguration.xml on the Jenkins controller as part of its configuration. This secret can be viewed by attackers with access to t...

4.3CVSS5.1AI score0.00524EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/01 12:0 a.m.•8 views

CSRF vulnerability and missing permission checks in database

database 1.6 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read access to Jenkins to connect to an attacker-specified database server using attacker-specified username and password. Additionally, this form validation...

8.8CVSS6.9AI score0.00715EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/01 12:0 a.m.•8 views

Credentials stored in plain text by tfs

tfs 5.157.1 and earlier stores a webhook secret unencrypted in its global configuration file hudson.plugins.tfs.TeamPluginGlobalConfig.xml on the Jenkins controller as part of its configuration. This secret can be viewed by attackers with access to the Jenkins controller file system. As of...

3.3CVSS4.8AI score0.00257EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/08/12 12:0 a.m.•8 views

SMTP password transmitted and displayed in plain text by email-ext

email-ext stores an SMTP password in its global configuration file hudson.plugins.emailext.ExtendedEmailPublisher.xml on the Jenkins controller as part of its configuration. While this password is stored encrypted on disk, it is transmitted and displayed in plain text as part of the configuration...

7.5CVSS7.3AI score0.00755EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/08/12 12:0 a.m.•8 views

Stored XSS vulnerability in yet-another-build-visualizer

yet-another-build-visualizer 1.11 and earlier does not escape tooltip content. This results in a stored cross-site scripting XSS vulnerability exploitable by users with Run/Update permission. yet-another-build-visualizer 1.12 escapes tooltip content...

8CVSS6.3AI score0.00735EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/08/12 12:0 a.m.•8 views

CSRF vulnerability in flaky-test-handler

flaky-test-handler 1.0.4 and earlier does not require POST requests for the "Deflake this build" feature, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to rebuild a project at a previous git revision where the tests were failing. As of publicati...

4.3CVSS4.9AI score0.00679EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/07/15 12:0 a.m.•8 views

Stored XSS vulnerability in job build time trend

Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape the agent name on build time trend pages. This results in a stored cross-site scripting XSS vulnerability exploitable by users with Agent/Configure permission. Jenkins 2.245, LTS 2.235.2 escapes the agent name...

8CVSS5.3AI score0.01023EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/07/15 12:0 a.m.•8 views

Stored XSS vulnerability in single axis builds tooltips in matrix-project

matrix-project 1.16 and earlier does not escape node names shown in tooltips on the overview page of builds with a single axis. This results in a stored cross-site scripting XSS vulnerability exploitable by users with Agent/Configure permission. matrix-project 1.17 escapes the node names shown in...

8CVSS5.8AI score0.00919EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/07/02 12:0 a.m.•8 views

CSRF vulnerability and missing permission checks in fortify-on-demand-uploader

fortify-on-demand-uploader 5.0.1 and earlier does not perform permission checks on a method implementing form validation. This allows users with Overall/Read access to Jenkins to connect to the globally configured Fortify on Demand endpoint using attacker-specified credentials IDs obtained throug...

5.5CVSS5AI score0.00665EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/07/02 12:0 a.m.•8 views

Secret stored in plain text by slack-uploader

slack-uploader 1.7 and earlier stores a secret unencrypted in job config.xml files as part of its configuration. This secret can be viewed by users with Extended Read permission or access to the Jenkins controller file system. As of publication of this advisory, there is no fix...

4.3CVSS5.1AI score0.00691EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/07/02 12:0 a.m.•8 views

Passwords transmitted in plain text by StashBranchParameter

StashBranchParameter stores Stash API passwords in its global configuration file org.jenkinsci.plugins.StashBranchParameter.StashBranchParameterDefinition.xml on the Jenkins controller as part of its configuration. While the password is stored encrypted on disk, it is transmitted in plain text as...

4.3CVSS4.8AI score0.00657EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/07/02 12:0 a.m.•8 views

Stored XSS vulnerability in sonargraph-integration

sonargraph-integration 3.0.0 and earlier does not escape the file path for the Log file field form validation. This results in a stored cross-site scripting XSS vulnerability that can be exploited by users with Job/Configure permission. sonargraph-integration 3.0.1 escapes the affected part of th...

5.4CVSS5.3AI score0.00735EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/06/03 12:0 a.m.•8 views

OS command injection vulnerability in Play Framework

A form validation endpoint in Play Framework executes the play command to validate a given input file. Play Framework 1.0.2 and earlier lets users specify the path to the play command on the Jenkins controller. This results in an OS command injection vulnerability exploitable by users able to sto...

8.8CVSS8AI score0.02422EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/06/03 12:0 a.m.•8 views

Stored XSS vulnerability in script-security

script-security 1.72 and earlier does not correctly escape pending or approved classpath entries on the In-process Script Approval page. This results in a stored cross-site scripting XSS vulnerability exploitable by users able to configure sandboxed scripts. script-security 1.73 escapes pending a...

5.4CVSS5.3AI score0.0076EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/06/03 12:0 a.m.•8 views

Missing permission check in project-inheritance

Jenkins limits access to job configuration XML data config.xml to users with Job/ExtendedRead permission, typically implied by Job/Configure permission. project-inheritance has several job inspection features, including the API URL /job/.../getConfigAsXML for its Inheritance Project job type that...

6.5CVSS5.5AI score0.00798EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/06/03 12:0 a.m.•8 views

XSS vulnerability in svn-partial-release-mgr

svn-partial-release-mgr 1.0.1 and earlier does not escape the error message for the repository URL field form validation. This results in a reflected cross-site scripting XSS vulnerability that can also be exploited similar to a stored cross-site scripting vulnerability by users with Job/Configur...

6.1CVSS5.8AI score0.06189EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/05/06 12:0 a.m.•8 views

Secrets are not masked by credentials-binding in builds without build steps

credentials-binding 1.22 and earlier does not mask i.e., replace with asterisks secrets in the build log when the build contains no build steps. credentials-binding 1.23 now masks secrets when the build contains no build steps...

6.5CVSS6.3AI score0.01087EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/05/06 12:0 a.m.•8 views

Users with Overall/Read access can enumerate credentials IDs in ec2

ec2 provides a list of applicable credentials IDs to allow users configuring the plugin to select the one to use. This functionality does not correctly check permissions in ec2 1.50.1 and earlier, allowing any user with Overall/Read permission to get a list of valid credentials IDs. Those can be...

4.3CVSS5AI score0.00647EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/04/16 12:0 a.m.•8 views

XXE vulnerability in parasoft-findings

parasoft-findings implements a static analysis parser for various Parasoft products and integrates with Warnings Plugin 10.4.1 and earlier and Warnings NG Plugin 10.4.2 and newer. parasoft-findings 10.4.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. Th...

7.1CVSS7.5AI score0.00877EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/04/16 12:0 a.m.•8 views

RCE vulnerability in yaml-axis

yaml-axis 0.2.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types. This results in a remote code execution RCE vulnerability exploitable by users able to configure a multi-configuration Matrix job, or control the contents of a previously configured job...

8.8CVSS8.9AI score0.02867EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/04/16 12:0 a.m.•8 views

RCE vulnerability in aws-sam

aws-sam 1.2.2 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types. This results in a remote code execution RCE vulnerability exploitable by users able to configure a job or control the contents of a previously configured "AWS SAM deploy application" buil...

8.8CVSS8.9AI score0.02282EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/04/07 12:0 a.m.•8 views

XSS vulnerability in gatling

gatling 1.2.7 and earlier serves Gatling reports in a manner that bypasses the Content-Security-Policy protection introduced in Jenkins 1.641 and 1.625.3. This results in a cross-site scripting XSS vulnerability exploitable by users able to change report content. gatling 1.3.0 no longer allows...

6.1CVSS5.5AI score0.00705EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/03/09 12:0 a.m.•8 views

XXE vulnerability in cobertura

cobertura 1.15 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows a user able to control the input files for the 'Publish Cobertura Coverage Report' post-build step to have Jenkins parse a crafted file that uses external entities for extraction o...

7.1CVSS7.2AI score0.00926EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/03/09 12:0 a.m.•8 views

Credentials transmitted in plain text by repository-connector

repository-connector stores credentials in its global configuration file org.jvnet.hudson.plugins.repositoryconnector.RepositoryConfiguration.xml on the Jenkins controller as part of its configuration. While the credentials are stored encrypted on disk, they are transmitted in plain text as part ...

5.3CVSS5.3AI score0.00614EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/03/09 12:0 a.m.•8 views

Credentials stored in plain text by zephyr-enterprise-test-management

zephyr-enterprise-test-management 1.9.1 and earlier stores its Zephyr password in plain text in the global configuration file com.thed.zephyr.jenkins.reporter.ZeeReporter.xml. This password can be viewed by users with access to the Jenkins controller file system. zephyr-enterprise-test-management...

5.5CVSS5.7AI score0.0033EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/03/09 12:0 a.m.•8 views

Credentials transmitted in plain text by openshift-deployer

openshift-deployer stores credentials in its global configuration file org.jenkinsci.plugins.openshift.DeployApplication.xml on the Jenkins controller as part of its configuration. While the credentials are stored encrypted on disk, they are transmitted in plain text as part of the configuration...

5.3CVSS5.3AI score0.00614EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/02/12 12:0 a.m.•8 views

Sandbox bypass via default method parameter expression in workflow-cps

Sandbox protection in workflow-cps 2.78 and earlier can be circumvented through default parameter expressions in CPS-transformed methods. This allows attackers able to specify and run sandboxed Pipelines to execute arbitrary code in the context of the Jenkins controller JVM. These expressions are...

8.8CVSS8.4AI score0.01267EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/02/12 12:0 a.m.•8 views

Client secret transmitted in plain text by azure-ad

azure-ad stores a client secret in its global configuration. While the credential is stored encrypted on disk, it is transmitted in plain text as part of the configuration form by azure-ad 1.1.2 and earlier. This can result in exposure of the credential through browser extensions, cross-site...

5.3CVSS5.4AI score0.00925EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/02/12 12:0 a.m.•8 views

XXE vulnerability in fitnesse

fitnesse 1.30 and earlier does not configure the XML parser to prevent XML external entity XXE attacks. This allows a user able to control the input files for its post-build step to have Jenkins parse a crafted file that uses external entities for extraction of secrets from the Jenkins controller...

8.8CVSS8.1AI score0.0115EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/02/12 12:0 a.m.•8 views

Password stored in plain text by catalogic-ecx

catalogic-ecx 1.9 and earlier stores a service password unencrypted in job config.xml files as part of its configuration. This credential can be viewed by users with Extended Read permission or access to the Jenkins controller file system. As of publication of this advisory, there is no fix...

4.3CVSS5.1AI score0.00691EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/02/12 12:0 a.m.•8 views

Password stored in plain text by eagle-tester

eagle-tester 1.0.9 and earlier stores a password unencrypted in its global configuration file com.bmc.rpd.jenkins.plugin.bmcrpd.configuration.RPDPluginConfiguration.xml on the Jenkins controller. This credential can be viewed by users with access to the Jenkins controller file system. As of...

6.5CVSS6.4AI score0.00852EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/01/29 12:0 a.m.•8 views

Non-constant time comparison of inbound TCP agent connection secret

Jenkins 2.218 and earlier, LTS 2.204.1 and earlier does not use a constant-time comparison validating the connection secret when an inbound TCP agent connection is initiated. This could potentially allow attackers to use statistical methods to obtain the connection secret. Jenkins 2.219, LTS...

5.3CVSS5.6AI score0.01368EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/01/29 12:0 a.m.•8 views

Non-constant time HMAC comparison

Jenkins 2.218 and earlier, LTS 2.204.1 and earlier does not use a constant-time comparison when checking whether two HMACs are equal. This could potentially allow attackers to use statistical methods to obtain a valid HMAC for an attacker-controlled input value. Jenkins 2.219, LTS 2.204.2 now use...

5.3CVSS5.6AI score0.01397EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/01/15 12:0 a.m.•8 views

CSRF vulnerability and missing permission checks in sounds allow OS command execution

sounds 0.5 and earlier does not perform permission checks in URLs performing form validation. This allows attackers with Overall/Read access to execute arbitrary OS commands as the OS user account running Jenkins. Additionally, these form validation URLs do not require POST requests, resulting in...

9.3CVSS8.3AI score0.01209EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/01/15 12:0 a.m.•8 views

CSRF vulnerability and missing permission checks in ec2

ec2 1.47 and earlier does not perform permission checks in methods performing form validation. This allows users with Overall/Read access to Jenkins to connect to an attacker-specified URL within the AWS region using attacker-specified credentials IDs obtained through another method. NOTE: This...

8.8CVSS7.8AI score0.01113EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/12/17 12:0 a.m.•8 views

redgate-sql-ci stores credentials in plain text

redgate-sql-ci 2.0.3 and earlier stores credentials unencrypted in job config.xml files on the Jenkins controller as part of its build step configuration. These credentials can be viewed by users with Extended Read permission or access to the Jenkins controller file system. redgate-sql-ci 2.0.4...

6.5CVSS6.5AI score0.00852EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/12/17 12:0 a.m.•8 views

Stored XSS vulnerability in mission-control-view

mission-control-view 0.9.16 and earlier does not escape job display names and build names in the view it provides. This results in a stored cross-site scripting vulnerability that can be exploited by users able to change these properties. As of publication of this advisory, there is no fix...

5.4CVSS5.3AI score0.00688EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/12/17 12:0 a.m.•8 views

CSRF vulnerability in alauda-kubernetes-support

alauda-kubernetes-support 2.3.0 and earlier does not require POST requests on a connection test method, resulting in a CSRF vulnerability. This allows attackers to have Jenkins connect to Kubernetes-related paths on an attacker-specified web server using attacker-specified credentials IDs obtaine...

8.8CVSS7.1AI score0.00863EPSS
Exploits0Affected Software1
Total number of security vulnerabilities1464