Lucene search
+L
JenkinsMost viewed

1464 matches found

Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2025/07/09 12:0 a.m.โ€ข7 views

File path information disclosure in htmlpublisher

htmlpublisher 425 and earlier displays log messages that include the absolute paths of files archived during the Publish HTML reports post-build step, exposing information about the Jenkins controller file system in the build log. htmlpublisher 427 displays only the parent directory name of files...

6.3CVSS6.4AI score0.00413EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2025/07/09 12:0 a.m.โ€ข7 views

Missing input validation for parameter values in git-parameter

git-parameter implements a choice build parameter that lists the configured Git SCMโ€™s branches, tags, pull requests, and revisions. git-parameter 439.vb0e46ca14534 and earlier does not validate that the Git parameter value submitted to the build matches one of the offered choices. This allows...

8.2CVSS8.1AI score0.00618EPSS
Exploits1Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2025/07/09 12:0 a.m.โ€ข7 views

Tokens stored in plain text by aqua-security-scanner

aqua-security-scanner 3.2.8 and earlier stores Scanner Tokens for Aqua API unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These tokens can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. As of...

4.3CVSS5AI score0.00191EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2025/07/09 12:0 a.m.โ€ข7 views

Stored XSS vulnerability in applitools-eyes

applitools-eyes 1.16.5 and earlier does not escape the Applitools URL on the build page. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission. applitools-eyes 1.16.6 rejects Applitools URLs that contain HTML metacharacters...

8CVSS5.3AI score0.00243EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2025/07/09 12:0 a.m.โ€ข7 views

API keys stored and displayed in plain text by applitools-eyes

applitools-eyes 1.16.5 and earlier stores Applitools API keys unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These API keys can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. Additionally, the job...

6.5CVSS6AI score0.00252EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2025/07/09 12:0 a.m.โ€ข7 views

Tokens stored and displayed in plain text by ApicaLoadtest

ApicaLoadtest 1.10 and earlier stores Apica Loadtest LTP authentication tokens unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These tokens can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

6.5CVSS5.6AI score0.00314EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2025/07/09 12:0 a.m.โ€ข7 views

Tokens stored and displayed in plain text by deadmanssnitch

deadmanssnitch 0.1 stores Dead Man's Snitch tokens unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These tokens can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. Additionally, the job configuratio...

6.5CVSS6AI score0.00262EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2025/07/09 12:0 a.m.โ€ข7 views

Token stored in plain text by user1st-utester

user1st-utester 1.1 and earlier stores the uTester JWT token unencrypted in its global configuration file io.jenkins.plugins.user1st.utester.UTesterPlugin.xml on the Jenkins controller as part of its configuration. This token can be viewed by users with access to the Jenkins controller file syste...

6.5CVSS6.4AI score0.00196EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2025/07/09 12:0 a.m.โ€ข7 views

API keys displayed without masking by testsigma

testsigma stores Testsigma API keys in job config.xml files on the Jenkins controller as part of its configuration. While these API keys are stored encrypted on disk, in testsigma 1.6 and earlier, the job configuration form does not mask these API keys, increasing the potential for attackers to...

4.3CVSS5.1AI score0.00222EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2025/07/09 12:0 a.m.โ€ข7 views

Keys stored in plain text by ifttt-build-notifier

ifttt-build-notifier 1.2 and earlier stores IFTTT Maker Channel Keys unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These keys can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. As of publication ...

6.5CVSS6.4AI score0.00281EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2025/07/09 12:0 a.m.โ€ข7 views

Tokens stored in plain text by ibm-cloud-devops

ibm-cloud-devops 2.0.16 and earlier stores SonarQube authentication tokens unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These tokens can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. As of...

6.5CVSS6.4AI score0.00208EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2025/07/09 12:0 a.m.โ€ข7 views

Token stored and displayed in plain text by xooa

xooa 0.0.7 and earlier stores the Xooa Deployment token unencrypted in its global configuration file io.jenkins.plugins.xooa.GlobConfig.xml on the Jenkins controller as part of its configuration. This token can be viewed by users with access to the Jenkins controller file system. Additionally, th...

6.5CVSS5.9AI score0.00252EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2025/07/09 12:0 a.m.โ€ข7 views

Keys stored and displayed in plain text by nouvola-divecloud

nouvola-divecloud 1.08 and earlier stores DiveCloud API Keys and Credentials Encryption Keys unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These API keys can be viewed by users with Item/Extended Read permission or access to the Jenkins controller fil...

6.5CVSS6.4AI score0.00175EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2025/05/14 12:0 a.m.โ€ข7 views

Stored XSS vulnerability in cloudbees-jenkins-advisor

cloudbees-jenkins-advisor 374.v194bd4f0c8c8 and earlier does not escape responses from the Jenkins Health Advisor server. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control Jenkins Health Advisor server responses. cloudbees-jenkins-advisor...

8.8CVSS4.9AI score0.00495EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2025/05/14 12:0 a.m.โ€ข7 views

CSRF vulnerability and missing permission checks in vmanager-plugin

vmanager-plugin 4.0.1-286.v9e25a740ba48 and earlier does not perform permission checks in methods implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified username and password. Additionally, these form...

4.3CVSS5.1AI score0.00292EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2025/05/14 12:0 a.m.โ€ข7 views

Insufficient validation of claims in oidc-provider

In oidc-provider, claim templates can use environment variables for jobs and builds for dynamic content. The default claim template for build ID tokens uses the JOBURL environment variable for the sub Subject claim. In oidc-provider 96.vee8ed882ec4d and earlier the generation of build ID Tokens...

9.1CVSS8.7AI score0.00609EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2025/05/14 12:0 a.m.โ€ข7 views

SSL/TLS certificate validation unconditionally disabled by dingding-notifications

dingding-notifications 2.7.3 and earlier unconditionally disables SSL/TLS certificate and hostname validation for connections to the configured DingTalk webhooks. As of publication of this advisory, there is no fix. Learn why we announce this...

5.9CVSS5.2AI score0.00199EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2025/05/14 12:0 a.m.โ€ข7 views

Authentication bypass vulnerability in WSO2 Oauth

In WSO2 Oauth 1.0 and earlier authentication claims are accepted without validation by the "WSO2 Oauth" security realm. This allows unauthenticated attackers to log in to controllers using this security realm using any username and any password, including usernames that do not exist. Sessions...

9.8CVSS8.7AI score0.00616EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2025/04/10 12:0 a.m.โ€ข7 views

Host key reuse in SSH build agent Docker images

The https://hub.docker.com/r/jenkins/ssh-agentjenkins/ssh-agent and deprecated https://hub.docker.com/r/jenkins/ssh-slavejenkins/ssh-slave Docker images can be used to set up a build agent for use via the SSH Build Agents plugin. In jenkins/ssh-agent 6.11.1 and earlier and all versions of...

9.1CVSS8.2AI score0.00466EPSS
Exploits0
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2025/04/02 12:0 a.m.โ€ข7 views

Missing permission check allows retrieving agent configurations

Jenkins 2.503 and earlier, LTS 2.492.2 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Agent/Create permission but without Agent/Extended Read permission to copy an agent, gaining access to its configuration. Jenkins 2.504, LTS 2.492.3 requires...

4.3CVSS5.9AI score0.0039EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2025/04/02 12:0 a.m.โ€ข7 views

Script Security sandbox bypass vulnerability through folder-scoped libraries in templating-engine

templating-engine allows defining libraries both in the global configuration, as well as scoped to folders containing the pipelines using them. While libraries in the global configuration can only be set up by administrators and can therefore be trusted, libraries defined in folders can be...

8.8CVSS8.4AI score0.01171EPSS
Exploits1Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2025/04/02 12:0 a.m.โ€ข7 views

API keys stored and displayed in plain text by asakusa-satellite-plugin

asakusa-satellite-plugin 0.1.1 and earlier stores AsakusaSatellite API keys unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These API keys can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system...

5.5CVSS5.6AI score0.00276EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2025/04/02 12:0 a.m.โ€ข7 views

Passwords stored in plain text by monitor-remote-job

monitor-remote-job 1.0 stores passwords unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These passwords can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. As of publication of this advisory, there ...

5.5CVSS5.6AI score0.00276EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2025/03/19 12:0 a.m.โ€ข7 views

Stored XSS vulnerability in AnchorChain

AnchorChain 1.0 does not limit URL schemes for links it creates based on workspace content, allowing the javascript: scheme. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control the input file for the Anchor Chain post-build step. As of...

8CVSS4.9AI score0.00274EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2025/01/22 12:0 a.m.โ€ข7 views

atlassian-bitbucket-server-integration allows bypassing CSRF protection for any URL

An extension point in Jenkins allows selectively disabling cross-site request forgery CSRF protection for specific URLs. atlassian-bitbucket-server-integration implements this extension point to support OAuth 1.0 authentication. In atlassian-bitbucket-server-integration 2.1.0 through 4.1.3 both...

8.8CVSS7.8AI score0.00285EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2025/01/22 12:0 a.m.โ€ข7 views

Incorrect permission check in gitlab-plugin allows enumerating credentials IDs

gitlab-plugin 1.9.6 and earlier does not correctly perform a permission check in an HTTP endpoint. This allows attackers with global Item/Configure permission while lacking Item/Configure permission on any particular job to enumerate credential IDs of GitLab API token credentials and Secret text...

4.3CVSS5.1AI score0.00288EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2025/01/22 12:0 a.m.โ€ข7 views

Improper handling of case sensitivity in oic-auth

oic-auth 4.452.v2849bd3945fa and earlier, except 4.438.440.v3f5f201de5dc, treats usernames as case-insensitive. On a Jenkins instance configured with a case-sensitive OpenID Connect provider, this allows attackers to log in as any user by providing a username that differs only in letter case,...

8.8CVSS5.2AI score0.0053EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2025/01/22 12:0 a.m.โ€ข7 views

Cache confusion in eiffel-broadcaster

eiffel-broadcaster allows events published to RabbitMQ to be signed using certificate credentials. To improve performance, the plugin caches some data from the credential. eiffel-broadcaster 2.8.0 through 2.10.2 both inclusive uses the credential ID as the cache key. This allows attackers able to...

4.3CVSS5.2AI score0.00292EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2024/11/27 12:0 a.m.โ€ข7 views

Stored XSS vulnerability in simple-queue

simple-queue 1.4.4 and earlier does not escape the view name. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with View/Create permission. simple-queue 1.4.5 escapes the view name...

8CVSS4.9AI score0.79731EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2024/11/27 12:0 a.m.โ€ข7 views

Denial of service vulnerability in bundled json-lib

Jenkins uses the library https://github.com/jenkinsci/json-liborg.kohsuke.stapler:json-lib to process JSON. This library is the Jenkins project's fork of https://search.maven.org/artifact/net.sf.json-lib/json-libnet.sf.json-lib:json-lib, which has since been renamed to...

7.5CVSS5.2AI score0.17572EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2024/11/13 12:0 a.m.โ€ข7 views

Restarting a run with revoked script approval allowed by pipeline-model-definition

pipeline-model-definition 2.2214.vbb34b2ea9b83 and earlier does not check whether the main Jenkinsfile script used to restart a build from a specific stage is approved. This allows attackers with Item/Build permission to restart a previous build whose Jenkinsfile script is no longer approved. NOT...

8CVSS7.6AI score0.00567EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2024/08/07 12:0 a.m.โ€ข7 views

Arbitrary file read vulnerability through agent connections can lead to RCE

NOTE: This entry was updated on 2024-08-10 to add a reference to a https://github.com/jenkinsci-cert/SECURITY-3430workaround. Jenkins uses the https://github.com/jenkinsci/remotingRemoting library typically agent.jar or remoting.jar for the communication between controller and agents. This librar...

9CVSS7.9AI score0.28782EPSS
Exploits4Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2024/06/26 12:0 a.m.โ€ข7 views

Exposure of secrets through system log in structs

structs provides utility functionality used, e.g., in Pipeline to instantiate and configure build steps, typically before their execution. When structs 337.v1b04ea4df7c8 and earlier fails to configure a build step, it logs a warning message containing diagnostic information that may contain secre...

3.1CVSS5.1AI score0.00439EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2024/05/24 12:0 a.m.โ€ข7 views

Missing permission checks in hp-application-automation-tools-plugin

hp-application-automation-tools-plugin 24.1.0 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to enumerate ALM jobs configurations, ALM Octane configurations and Service Virtualization configurations...

4.3CVSS5.2AI score0.0027EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2024/05/24 12:0 a.m.โ€ข7 views

XXE vulnerabilities in hp-application-automation-tools-plugin

hp-application-automation-tools-plugin 24.1.0 and earlier does not configure its XML parsers to prevent XML external entity XXE attacks. This allows attackers able to control the input files for hp-application-automation-tools-plugin build steps and post-build steps to have Jenkins parse a crafte...

8CVSS5.3AI score0.00442EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2024/04/17 12:0 a.m.โ€ข7 views

Terrapin SSH vulnerability in Jenkins CLI client

The CLI client jenkins-cli.jar in Jenkins 2.451 and earlier, LTS 2.440.2 and earlier bundles versions of the Apache MINA SSHD library that are susceptible to https://vulners.com/cve/CVE-2023-48795CVE-2023-48795 https://en.wikipedia.org/wiki/TerrapinattackTerrapin attack. This vulnerability allows...

5.9CVSS7AI score0.93305EPSS
Exploits4Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2024/03/20 12:0 a.m.โ€ข7 views

HTTP/2 denial of service vulnerability in bundled Jetty

Jenkins bundles Winstone-Jetty, a wrapper around Jetty, to act as HTTP and servlet server when started using java -jar jenkins.war. This is how Jenkins is run when using any of the installers or packages, but not when run using servlet containers such as Tomcat. Jenkins 2.443 and earlier, LTS...

7.5CVSS6.5AI score0.01433EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2024/03/06 12:0 a.m.โ€ข7 views

Improper input sanitization in htmlpublisher

SECURITY-784 / CVE-20218-1000175 is a path traversal vulnerability in htmlpublisher 1.15 and earlier. The fix for it retained compatibility for older reports as a fallback. In htmlpublisher 1.16 through 1.32 both inclusive this fallback for reports created in htmlpublisher 1.15 and earlier does n...

8CVSS6.7AI score0.00698EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2024/03/06 12:0 a.m.โ€ข7 views

Path traversal vulnerability in htmlpublisher

htmlpublisher 1.32 and earlier archives invalid symbolic links in report directories on agents and recreates them on the controller. Attackers with Item/Configure permission can use them to determine whether a path on the Jenkins controller file system exists, without being able to access it...

4.3CVSS5AI score0.00939EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2024/03/06 12:0 a.m.โ€ข7 views

Incorrect trust policy behavior for pull requests from forks in cloudbees-bitbucket-branch-source

Multibranch Pipelines with Bitbucket branch source can be configured to discover pull requests from forks. The trust policy is set to "Forks in the same account" by default. In cloudbees-bitbucket-branch-source 866.vdea7dcd3008e and earlier, except 848.850.v6aa2a234ac81, this trust policy allows...

6.3CVSS6.3AI score0.00556EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2024/03/06 12:0 a.m.โ€ข7 views

Improper SSL/TLS certificate validation in Delphix

Delphix provides a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections. In Delphix 3.0.1 through 3.1.0 both inclusive an option change from disabled validation to enabled validation fails to take effect until Jenkins is...

4.2CVSS5.2AI score0.00337EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2024/03/06 12:0 a.m.โ€ข7 views

Stored XSS vulnerability in build-monitor-plugin

build-monitor-plugin 1.14-860.vd06ef2568b3f and earlier does not escape Build Monitor View names. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure Build Monitor Views. As of publication of this advisory, there is no fix. Learn why we...

8CVSS5.3AI score0.80173EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2024/03/06 12:0 a.m.โ€ข7 views

Terrapin SSH vulnerability in trilead-api

trilead-api bundles the https://github.com/jenkinsci/trilead-ssh2/Jenkins project's fork of the Trilead SSH2 library for use by other plugins. trilead-api 2.133.vfb8a7b9c5dd1 and earlier, except 2.84.86.vf9c960e9b458, bundles versions of Jenkins/Trilead SSH2 that are susceptible to...

5.9CVSS7AI score0.93305EPSS
Exploits4Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2024/03/06 12:0 a.m.โ€ข7 views

SSL/TLS certificate validation disabled by default in Delphix

Delphix provides a global option for administrators to enable or disable SSL/TLS certificate validation for Data Control Tower DCT connections. In Delphix 3.0.1 this option is set to disable SSL/TLS certificate validation by default. In Delphix 3.0.2 this option is set to enable SSL/TLS certifica...

5.3CVSS5.3AI score0.00417EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2024/03/06 12:0 a.m.โ€ข7 views

Stored XSS vulnerability in icescrum

icescrum 1.1.6 and earlier does not sanitize iceScrum project URLs on build views. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure jobs. As of publication of this advisory, there is no fix. Learn why we announce this...

8.8CVSS7.5AI score0.01129EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2024/03/06 12:0 a.m.โ€ข7 views

Stored XSS vulnerability in htmlpublisher

htmlpublisher 1.32 and earlier does not escape job names, report names, and index page titles shown as part of the report frame. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission. htmlpublisher 1.32.1 escapes job names, report...

8CVSS6AI score0.00681EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2024/03/06 12:0 a.m.โ€ข7 views

CSRF vulnerability and missing permission check in docker-build-step

docker-build-step 2.11 and earlier does not perform a permission check in an HTTP endpoint implementing a connection test. This allows attackers with Overall/Read permission to connect to an attacker-specified TCP or Unix socket URL. Additionally, the plugin reconfigures itself using the provided...

8.8CVSS6.8AI score0.00826EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2024/01/24 12:0 a.m.โ€ข7 views

Cross-site WebSocket hijacking vulnerability in the CLI

Jenkins has a built-in command line interface CLI to access Jenkins from a script or shell environment. Since Jenkins 2.217 and LTS 2.222.1, one of the ways to communicate with the CLI is through a WebSocket endpoint. This endpoint relies on the default Jenkins web request authentication...

8.8CVSS8AI score0.66921EPSS
Exploits1Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2024/01/24 12:0 a.m.โ€ข7 views

Arbitrary file read vulnerability in git-server can lead to RCE

git-server uses the https://github.com/kohsuke/args4jargs4j library to parse command arguments and options on the Jenkins controller when processing Git commands received via SSH. This command parser has a feature that replaces an @ character followed by a file path in an argument with the file's...

8.8CVSS7AI score0.01262EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
โ€ขadded 2024/01/24 12:0 a.m.โ€ข7 views

Shared projects are unconditionally discovered by gitlab-branch-source

GitLab allows sharing a project with another group. gitlab-branch-source 684.veafa7c1e2fe3 and earlier unconditionally discovers projects that are shared with the configured owner group. This allows attackers to configure and share a project, resulting in a crafted Pipeline being built by Jenkins...

6.5CVSS6.3AI score0.00458EPSS
Exploits0Affected Software1
Total number of security vulnerabilities1464