Lucene search
+L
JenkinsMost viewed

1464 matches found

Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/03 12:0 a.m.•7 views

CSRF vulnerability and missing permission check in gearman-plugin

A missing permission check in a form validation method in gearman-plugin allows users with Overall/Read permission to initiate a connection test to an attacker-specified server. Additionally, the form validation method does not require POST requests, resulting in a CSRF vulnerability...

6.5CVSS6.3AI score0.01486EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/03 12:0 a.m.•7 views

CSRF vulnerability and missing permission check in nomad allow SSRF

A missing permission check in a form validation method in nomad allows users with Overall/Read permission to initiate a connection test to an attacker-specified URL. Additionally, the form validation method does not require POST requests, resulting in a CSRF vulnerability...

6.5CVSS6.3AI score0.01536EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/03 12:0 a.m.•7 views

Open STF Plugin stores credentials in plain text

Open STF Plugin stores credentials unencrypted in its global configuration file hudson.plugins.openstf.STFBuildWrapper.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

6.5CVSS6.5AI score0.01226EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/03 12:0 a.m.•7 views

Crowd Integration Plugin stores credentials in plain text

Crowd Integration Plugin stores credentials unencrypted in the global configuration file config.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

6.5CVSS6.5AI score0.01622EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/03 12:0 a.m.•7 views

Assembla Auth Plugin stores credentials in plain text

Assembla Auth Plugin stores credentials unencrypted in the global configuration file config.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

8.8CVSS7.9AI score0.01773EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/03 12:0 a.m.•7 views

mabl-integration stores credentials in plain text

mabl-integration stores credentials unencrypted in job config.xml files on the Jenkins controller. These credentials can be viewed by users with Extended Read permission, or access to the Jenkins controller file system...

8.8CVSS6.3AI score0.01773EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/03 12:0 a.m.•7 views

minio-storage stores credentials in plain text

minio-storage stores credentials unencrypted in its global configuration file org.jenkinsci.plugins.minio.MinioUploader.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

8.8CVSS6.2AI score0.01773EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/03 12:0 a.m.•7 views

jabber-server-plugin stores credentials in plain text

jabber-server-plugin stores credentials unencrypted in its global configuration file de.enexus.jabber.JabberBuilder.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

8.8CVSS6.2AI score0.01773EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/03 12:0 a.m.•7 views

CSRF vulnerability and missing permission check in kmap-jenkins allow SSRF

A missing permission check in a form validation method in kmap-jenkins allows users with Overall/Read permission to initiate a connection test to an attacker-specified server with attacker-specified credentials. Additionally, the form validation method does not require POST requests, resulting in...

6.5CVSS6.4AI score0.01486EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/03 12:0 a.m.•7 views

AWS CloudWatch Logs Publisher Plugin stores credentials in plain text

AWS CloudWatch Logs Publisher Plugin stores credentials unencrypted in its global configuration file jenkins.plugins.awslogspublisher.AWSLogsConfig.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

8.8CVSS6.2AI score0.01365EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/03 12:0 a.m.•7 views

CSRF vulnerability and missing permission check in jenkins-reviewbot allow SSRF

A missing permission check in a form validation method in jenkins-reviewbot allows users with Overall/Read permission to initiate a connection test to an attacker-specified URL with attacker-specified credentials. Additionally, the form validation method does not require POST requests, resulting ...

6.5CVSS6.3AI score0.01486EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/03 12:0 a.m.•7 views

relution-publisher stores credentials in plain text

relution-publisher stores credentials unencrypted in its global configuration file org.jenkinsci.plugins.relutionpublisher.configuration.global.StoreConfiguration.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

8.8CVSS6.2AI score0.01773EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/03 12:0 a.m.•7 views

netsparker-cloud-scan stored credentials in plain text

netsparker-cloud-scan stored API tokens unencrypted in its global configuration file com.netsparker.cloud.plugin.NCScanBuilder.xml on the Jenkins controller. These API tokens could be viewed by users with access to the Jenkins controller file system. netsparker-cloud-scan now stores API tokens...

8.8CVSS6.2AI score0.01832EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/03/25 12:0 a.m.•7 views

Sandbox bypass in Script Security Plugin and Pipeline: Groovy Plugin

Sandbox protection in the Script Security and Pipeline: Groovy Plugins could be circumvented through methods supporting type casts and type coercion. This allowed attackers to invoke constructors for arbitrary types. Script Security and Pipeline: Groovy have been hardened to prevent these methods...

9.8CVSS7AI score0.03366EPSS
Exploits0Affected Software2
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/03/25 12:0 a.m.•7 views

ECS Publisher Plugin stored and displayed API token in plain text

ECS Publisher Plugin stored the API token unencrypted in jobs' config.xml files and its global configuration file on the Jenkins controller. This token could be viewed by users with Extended Read permission, or access to the Jenkins controller file system. Additionally, the API token was not mask...

6.5CVSS6.5AI score0.01613EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/03/25 12:0 a.m.•7 views

SSRF vulnerability due to missing permission check in Fortify on Demand Uploader Plugin

A missing permission check in multiple form validation methods in Fortify on Demand Uploader Plugin allowed users with Overall/Read permission to initiate a connection test to an attacker-specified server. Additionally, the form validation methods did not require POST requests, resulting in a CSR...

6.5CVSS6.4AI score0.01536EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/03/06 12:0 a.m.•7 views

Sandbox bypass in Pipeline: Groovy Plugin

Pipeline: Groovy sandbox protection could be circumvented during parsing, compilation, and script instantiation by providing a crafted Groovy script. This allowed users able to control the contents of a pipeline to bypass the sandbox protection and execute arbitrary code on the Jenkins controller...

9.9CVSS9.1AI score0.75594EPSS
Exploits4Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/03/06 12:0 a.m.•7 views

AppDynamics Dashboard Plugin stored password in plain text

AppDynamics Dashboard Plugin stored username and password in its configuration unencrypted in jobs' config.xml files on the Jenkins controller. This password could be viewed by users with Extended Read permission, or access to the Jenkins controller file system. While masked from view using a...

8.8CVSS6.5AI score0.01399EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/03/06 12:0 a.m.•7 views

Script security sandbox bypass in Job DSL Plugin

Job DSL Plugin supports sandboxed Groovy expressions for Job DSL definitions. Its sandbox protection could be circumvented during parsing, compilation, and script instantiation by providing a crafted Groovy script. This allowed users able to control the Job DSL scripts to bypass the sandbox...

9.9CVSS8.8AI score0.02962EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/03/06 12:0 a.m.•7 views

Information disclosure in Azure VM Agents Plugin

A missing permission check in a form validation method in Azure VM Agents Plugin allowed users with Overall/Read access to verify a submitted configuration, obtaining limited information about the Azure account and configuration. Additionally, this form validation method did not require POST...

5CVSS5.2AI score0.00998EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/01/28 12:0 a.m.•7 views

Session fixation vulnerability in GitHub Authentication Plugin

GitHub Authentication Plugin did not invalidate the previous session and create a new one upon successful login, allowing attackers able to control or obtain another user's pre-login session ID to impersonate them. GitHub Authentication Plugin now invalidates the previous session during login and...

6.5CVSS5.9AI score0.00852EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/01/28 12:0 a.m.•7 views

Sandbox Bypass via CSRF in Warnings Plugin

Warnings Plugin has a form validation HTTP endpoint used to validate a user-submitted Groovy script through compilation, which was not subject to sandbox protection. The endpoint checked for the Overall/RunScripts permission, but did not require POST requests, so it was vulnerable to cross-site...

8.8CVSS8.4AI score0.0121EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/01/28 12:0 a.m.•7 views

CSRF vulnerability and missing permission checks in Kanboard Plugin allowed server-side request forgery

Kanboard Plugin did not perform permission checks on a method implementing form validation. This allowed users with Overall/Read access to Jenkins to submit a GET request to an attacker-specified URL. Additionally, this form validation method did not require POST requests, resulting in a CSRF...

4.3CVSS5AI score0.00642EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/01/28 12:0 a.m.•7 views

Monitoring Plugin did not apply CSRF protection even if enabled in Jenkins

Monitoring Plugin provides a standalone JavaMelody servlet with an independent CSRF protection configuration. Even if Jenkins had CSRF protection enabled, Monitoring Plugin may not have it enabled. Monitoring Plugin now checks on startup whether Jenkins has CSRF protection enabled and enables its...

6.5CVSS6.5AI score0.00735EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/01/28 12:0 a.m.•7 views

Sandbox Bypass in Groovy Plugin

Groovy Plugin has a form validation HTTP endpoint used to validate a user-submitted Groovy script through compilation, which was not subject to sandbox protection. This allowed attackers with Overall/Read access to execute arbitrary code on the Jenkins controller by applying AST transforming...

8.8CVSS8.5AI score0.0155EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/01/28 12:0 a.m.•7 views

Sandbox Bypass via CSRF in Warnings Next Generation Plugin

Warnings Next Generation Plugin has a form validation HTTP endpoint used to validate a Groovy script through compilation, which was not subject to sandbox protection. The endpoint checked for the Overall/RunScripts permission, but did not require POST requests, so it was vulnerable to cross-site...

8.8CVSS8.4AI score0.01151EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/01/28 12:0 a.m.•7 views

XXE vulnerability in Job Import Plugin

Job Import Plugin allows to import jobs from other Jenkins instances. As a first step in this process, Job Import Plugin sends a request to another Jenkins instance, parsing XML REST API output to obtain a list of jobs that could be imported. Job Import Plugin did not configure the XML parser in ...

9.1CVSS8.3AI score0.01825EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/01/28 12:0 a.m.•7 views

CSRF vulnerability in Job Import Plugin allowed creating and overwriting jobs, installing some plugins

Job Import Plugin did not require that POST requests are sent to its /import URL, which processes requests to import jobs. This resulted in a cross-site request forgery CSRF vulnerability that could be exploited to create or replace jobs on the local instance if the remote Jenkins instance has...

5.3CVSS5.6AI score0.00524EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/01/16 12:0 a.m.•7 views

Administrators could persist access to Jenkins using crafted 'Remember me' cookie

Users with the Overall/RunScripts permission typically administrators were able to use the Jenkins script console to craft a 'Remember me' cookie that would never expire. This allowed attackers access to a Jenkins instance while the corresponding user in the configured security realm exists, for...

7.2CVSS6.3AI score0.01545EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/01/16 12:0 a.m.•7 views

Deleting a user in an external security realm did not invalidate their session or 'Remember me' cookie

When using an external security realm such as LDAP or Active Directory, deleting a user from the security realm does not result in the user losing access to Jenkins. While deleting the user record from Jenkins did invalidate the 'Remember me' cookie, there was no way to invalidate active sessions...

7.2CVSS6.3AI score0.01619EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/01/08 12:0 a.m.•7 views

Sandbox Bypass in Script Security and Pipeline Plugins

Script Security sandbox protection could be circumvented during the script compilation phase by applying AST transforming annotations such as @Grab to source code elements. Both the pipeline validation REST APIs and actual script/pipeline execution are affected. This allowed users with Overall/Re...

8.8CVSS7.3AI score0.98428EPSS
Exploits17Affected Software3
Jenkins Security Advisories
Jenkins Security Advisories
•added 2018/12/05 12:0 a.m.•7 views

Potential denial of service through cron expression form validation

The form validation for cron expressions e.g. "Poll SCM", "Build periodically" could enter infinite loops when cron expressions only matching certain rare dates were entered, blocking request handling threads indefinitely...

6.5CVSS6.2AI score0.02751EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2018/12/05 12:0 a.m.•7 views

Code execution through crafted URLs

Jenkins uses the Stapler web framework for HTTP request handling. Stapler's basic premise is that it uses reflective access to code elements matching its naming conventions. For example, any public method whose name starts with get, and that has a String, int, long, or no argument can be invoked...

10CVSS7.5AI score0.98481EPSS
Exploits5Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2018/10/10 12:0 a.m.•7 views

Failures to process form submission data could result in secrets being displayed or written to logs

When Jenkins fails to process form submissions due to an internal error, the error message shown to the user and written to the log typically includes the serialized JSON form submission. Secrets, such as submitted passwords, might be included with the JSON object, and shown or written to disk in...

7.8CVSS6.7AI score0.00433EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2018/09/25 12:0 a.m.•7 views

CSRF vulnerability in Email Extension Template Plugin

Some URLs implementing form submission handling in Email Extension Template Plugin did not require POST requests, resulting in a CSRF vulnerability that allowed attackers to create or remove templates. These URLs now require POST requests...

8.1CVSS7.8AI score0.00788EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2018/09/25 12:0 a.m.•7 views

Artifactory Plugin stored old directly entered credentials unencrypted on disk

Artifactory Plugin 2.4.0 introduced support for securely storing credentials using the Credentials Plugin. Old, insecurely stored credentials however were not removed when switching to this new system. Artifactory Plugin 2.16.2 and newer remove obsolete credentials stored in plain text when using...

7.8CVSS7.4AI score0.00333EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2018/09/25 12:0 a.m.•7 views

Stored XSS vulnerability in Config File Provider Plugin

Config File Provider Plugin did not escape configuration file metadata, resulting in a stored cross-site scripting XSS vulnerability. Config File Provider Plugin now escapes configuration file metadata shown on the Jenkins UI...

5.4CVSS5.4AI score0.00947EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2018/09/25 12:0 a.m.•7 views

CSRF vulnerability and missing permission checks in HipChat Plugin allowed capturing credentials

HipChat Plugin did not perform permission checks on a method that sends test notifications. This allowed users with Overall/Read access to Jenkins to connect to an attacker-specified HipChat server using attacker-specified connection settings and credentials IDs obtained through another method,...

8.8CVSS7.9AI score0.01064EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2018/09/25 12:0 a.m.•7 views

Unprivileged users with Overall/Read access are able to enumerate credential IDs in Mesos Plugin

Mesos Plugin provides a list of applicable credential IDs to allow administrators configuring the Mesos cloud to select the one to use. This functionality did not check permissions, allowing any user with Overall/Read permission to get a list of valid credentials IDs. Those could be used as part ...

6.5CVSS6.5AI score0.01449EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2018/08/15 12:0 a.m.•7 views

"Remember me" cookie was evaluated even if that feature is disabled

The "Remember me" feature can be disabled in the Jenkins security configuration. This did not disable the processing of previously set "Remember me" cookies, so they still allowed users to be logged in. "Remember me" cookies are no longer evaluated when the corresponding feature is disabled...

5.5CVSS6AI score0.00874EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2018/07/30 12:0 a.m.•7 views

CSRF vulnerability and missing permission checks in SaltStack Plugin allowed capturing credentials

SaltStack Plugin did not perform permission checks on methods implementing form validation. This allowed users with Overall/Read access to Jenkins to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in...

7.5CVSS6.3AI score0.00559EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2018/07/30 12:0 a.m.•7 views

CSRF vulnerability and missing permission checks in Agiletestware Pangolin Connector for TestRail Plugin allowed overriding plugin configuration

Agiletestware Pangolin Connector for TestRail Plugin did not perform permission checks on an API endpoint used to validate and save the plugin configuration. This allowed users with Overall/Read access to Jenkins to override the plugin configuration. Additionally, the API endpoint did not require...

6.5CVSS6.5AI score0.01019EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2018/07/30 12:0 a.m.•7 views

CSRF vulnerability and missing permission checks in Confluence Publisher Plugin

Confluence Publisher Plugin did not perform permission checks on a method implementing form validation. This allowed users with Overall/Read access to Jenkins to submit login requests to Confluence using attacker-specified credentials. Additionally, this form validation method did not require POS...

4.3CVSS5AI score0.00642EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2018/07/18 12:0 a.m.•7 views

Users without Overall/Read permission can have Jenkins reset parts of global configuration on the next restart

Unauthenticated users could provide maliciously crafted login credentials that cause Jenkins to move the config.xml file from the Jenkins home directory. This configuration file contains basic configuration of Jenkins, including the selected security realm and authorization strategy. If Jenkins i...

8.8CVSS5.4AI score0.18116EPSS
Exploits1Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2018/06/25 12:0 a.m.•7 views

AWS CodePipeline Plugin stored AWS Secret Key in plain text

AWS CodePipeline Plugin stored the AWS Secret Key in its configuration unencrypted in jobs' config.xml files on the Jenkins controller. This key could be viewed by users with Extended Read permission, or access to the Jenkins controller file system. While masked from view using a password form...

7.8CVSS7.4AI score0.00339EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2018/06/25 12:0 a.m.•7 views

Persisted cross-site scripting vulnerability in Badge Plugin

Badge Plugin stored and displayed user-provided HTML for badges and summaries unprocessed, allowing users with the ability to control badge content to store malicious HTML to be displayed within Jenkins. Badge Plugin 1.5 and newer sanitizes the provided HTML for display on the Jenkins web UI...

5.4CVSS5.6AI score0.00704EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2018/06/25 12:0 a.m.•7 views

AWS CodeDeploy Plugin persisted possibly sensitive environment variables in job configuration

AWS CodeDeploy Plugin could persist environment variables from the last run of any project with the post-build step configured in the job's config.xml file. In some cases, this allowed users with file system access or Extended Read permission to obtain those potentially sensitive environment...

5CVSS5AI score0.00967EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2018/06/25 12:0 a.m.•7 views

AWS CodeBuild Plugin stored AWS Secret Key in plain text

AWS CodeBuild Plugin stored the AWS Secret Key in its configuration unencrypted in jobs' config.xml files on the Jenkins controller. This key could be viewed by users with Extended Read permission, or access to the Jenkins controller file system. While masked from view using a password form field...

7.8CVSS7.4AI score0.00339EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2018/06/25 12:0 a.m.•7 views

CollabNet Plugin globally and unconditionally disables SSL/TLS certificate validation

CollabNet Plugin disabled SSL/TLS certificate validation for the entire Jenkins controller JVM by default. CollabNet Plugin 2.0.5 and newer no longer does that. It instead requires users to opt in to disabling SSL/TLS certificate validation by setting the system property...

7.4CVSS6.8AI score0.00856EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2018/06/25 12:0 a.m.•7 views

Configuration as Code Plugin logged passwords in clear text

Configuration as Code Plugin logged secrets set via its configuration to the Jenkins controller system log in plain text. This allowed users with access to the Jenkins log files to obtain these passwords and similar secrets. Secrets are now masked when logging configuration...

8.8CVSS8.1AI score0.00896EPSS
Exploits0Affected Software1
Total number of security vulnerabilities1464