Lucene search
K
JenkinsMost viewed

1464 matches found

Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/03 12:0 a.m.•10 views

zap stores credentials in plain text

zap stores Jira credentials unencrypted in its global configuration file org.jenkinsci.plugins.zap.ZAPBuilder.xml on the Jenkins controller. These credentials can be viewed by users with access to the Jenkins controller file system...

8.8CVSS7.9AI score0.01365EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/04/03 12:0 a.m.•10 views

CSRF vulnerability and missing permission check in openid allow SSRF

A missing permission check in a form validation method in openid allows users with Overall/Read permission to initiate a connection test to an attacker-specified URL. Additionally, the form validation method does not require POST requests, resulting in a CSRF vulnerability...

6.5CVSS6.3AI score0.01549EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/03/25 12:0 a.m.•10 views

XSS vulnerability in Lockable Resources Plugin

Lockable Resources Plugin did not properly escape resource names in generated JavaScript code, thus leading to a cross-site scripting XSS vulnerability. The plugin now properly escapes resource names in its scripts...

5.4CVSS6AI score0.01397EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/03/06 12:0 a.m.•10 views

SSRF and data modification vulnerability due to missing permission check in Bitbar Run-in-Cloud

A missing permission check in a method performing both form validation and saving new configuration in Bitbar Run-in-Cloud Plugin allowed users with Overall/Read permission to have Jenkins connect to an attacker-specified host with attacker-specified credentials, and, if successful, save that as...

4.3CVSS5.5AI score
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/03/06 12:0 a.m.•10 views

Rabbit-MQ Publisher Plugin stored password in plain text

Rabbit-MQ Publisher Plugin stored the username and password in its configuration unencrypted in its global configuration file on the Jenkins controller. This password could be viewed by users with access to the Jenkins controller file system. The plugin now stores the password encrypted in the...

3.3CVSS5.3AI score
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/01/28 12:0 a.m.•10 views

Sandbox Bypass in Script Security Plugin

Script Security sandbox protection could be circumvented during the script compilation phase by applying AST transforming annotations such as @Grab to source code elements. This affected an HTTP endpoint used to validate a user-submitted Groovy script that was not covered in the 2019-01-08 fix fo...

8.8CVSS8.5AI score0.19042EPSS
Exploits3Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2018/08/15 12:0 a.m.•10 views

Jenkins allowed deserialization of <code>URL</code> objects with host components

Jenkins allowed deserialization of URL objects via Remoting agent communication and XStream. This could in rare cases be used by attackers to have Jenkins look up specified hosts' DNS records. Jenkins now injects a URLStreamHandler when deserializing URLs that overrides the affected URL methods...

5.3CVSS6.2AI score0.01459EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2018/07/30 12:0 a.m.•10 views

CSRF vulnerability and missing permission checks in TraceTronic ECU-TEST Plugin allowed server-side request forgery

TraceTronic ECU-TEST Plugin did not perform permission checks on a method implementing form validation. This allowed users with Overall/Read access to Jenkins to connect to an attacker-specified URL, with the suffix /app-version-info appended. Additionally, this form validation method did not...

6.5CVSS6.5AI score0.00862EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2018/07/30 12:0 a.m.•10 views

CSRF vulnerability and missing permission checks in Accurev Plugin allowed capturing credentials

Accurev Plugin did not perform permission checks on a method implementing form validation. This allowed users with Overall/Read access to Jenkins to connect to an attacker-specified Accurev server using attacker-specified credentials IDs obtained through another method, capturing credentials stor...

8.8CVSS8.1AI score0.01119EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2018/07/18 12:0 a.m.•10 views

Unauthorized users could cancel queued builds

The URLs handling cancellation of queued builds did not perform a permission check, allowing users with Overall/Read permission to cancel queued builds. The URLs handling cancellation of queued builds now ensure that the user has the Item/Cancel permission...

4.3CVSS5.5AI score0.00759EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2018/06/04 12:0 a.m.•10 views

Server-side request forgery vulnerability in GitHub Branch Source Plugin

A form validation method in GitHub Branch Source Plugin did not check the permission of the user accessing them, allowing anyone with Overall/Read access to Jenkins to cause Jenkins to send a GET request to a specified URL. Additionally, this form validation method did not require POST requests,...

5CVSS5.1AI score0.00642EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2018/03/26 12:0 a.m.•10 views

Cucumber Living Documentation Plugin disabled Content-Security-Policy for archived and workspace files

Jenkins 1.641 and 1.625.3 introduced Content-Security-Policy HTTP headers as protection against Cross-Site Scripting attacks using workspace files and archived artifacts served using DirectoryBrowserSupport SECURITY-95. Cucumber Living Documentation Plugin disabled this XSS protection until Jenki...

6.1CVSS5.9AI score0.00861EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2018/01/22 12:0 a.m.•10 views

SECURITY-694

Bulletin has no description...

4.8CVSS4.9AI score
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2018/01/22 12:0 a.m.•10 views

SECURITY-507

Bulletin has no description...

3.1CVSS4.9AI score
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2026/06/10 12:0 a.m.•9 views

Stored XSS vulnerability in node offline cause description

Since Jenkins 2.483, the description of the reason why a node is offline the "offline cause" is defined as containing HTML and rendered as such. Jenkins 2.567 and earlier, LTS 2.555.2 and earlier does not escape the user-provided description of a generic offline cause that could be set through th...

8CVSS4.9AI score0.00261EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2026/06/10 12:0 a.m.•9 views

Plaintext secrets persisted and served by config.xml endpoints

In Jenkins 2.567 and earlier, LTS 2.555.2 and earlier, POST config.xml submissions are written to disk as-is once their content can be successfully deserialized, while GET config.xml responses are served directly from those files. As a result, plaintext secrets in a POST config.xml submission...

5.3CVSS5.2AI score0.0019EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2026/05/27 12:0 a.m.•9 views

RCE vulnerability from unvalidated LDAP referrals in ldap

ldap 807.v7d7de30930cf and earlier follows LDAP referrals from the configured LDAP server. These can forward to an RMI URL that causes Jenkins to deserialize attacker-controlled data, resulting in Remote Code Execution RCE on the Jenkins controller if deserialization "gadgets" are available on th...

6.6CVSS6AI score0.00285EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2026/05/27 12:0 a.m.•9 views

Missing permission check in job-import-plugin allows enumerating credentials IDs

job-import-plugin 143.v044a2e819b27 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using anothe...

4.3CVSS5.2AI score0.00178EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2026/05/27 12:0 a.m.•9 views

CSRF vulnerability in github-pullrequest

github-pullrequest 0.7.3 and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to trigger a build for a pull request. github-pullrequest 0.7.4 requires POST requests for the affected HTTP...

4.3CVSS5.2AI score0.00109EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2026/04/29 12:0 a.m.•9 views

Unsafe deserialization allows invoking parameterless constructors in matrix-auth

matrix-auth 2.0-beta-1 through 3.2.9 both inclusive invokes parameterless constructors of classes specified in configuration when deserializing inheritance strategies, without restricting the classes that can be instantiated. This can be abused by attackers with Item/Configure permission to...

6.5CVSS5.3AI score0.00246EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2026/04/29 12:0 a.m.•9 views

XSS vulnerability in github

github 1.46.0 and earlier improperly processes the current job URL as part of JavaScript implementing validation of the feature "GitHub hook trigger for GITScm polling". This results in a stored cross-site scripting XSS vulnerability exploitable by non-anonymous attackers with Overall/Read...

9CVSS5.4AI score0.00281EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2026/04/29 12:0 a.m.•9 views

Missing permission check in script-security allows enumerating pending and approved classpaths

script-security 1399.ve6a66547f6e1 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to enumerate pending and approved Script Security classpaths. script-security 1402.v94c9ce464861 requires Overall/Administer permission to...

4.3CVSS5.2AI score0.00174EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2026/02/18 12:0 a.m.•9 views

Build information disclosure vulnerability through Run Parameter

Jenkins 2.550 and earlier, LTS 2.541.1 and earlier accepts Run Parameter values that refer to builds the user submitting the build does not have access to. This allows attackers with Item/Build and Item/Configure permission to obtain information about the existence of jobs, the existence of build...

4.3CVSS7.8AI score0.00333EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/12/10 12:0 a.m.•9 views

Missing permission check in BlazeMeterJenkinsPlugin allows enumerating credentials IDs

BlazeMeterJenkinsPlugin 4.26 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another...

5.3CVSS5.2AI score0.00218EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/12/10 12:0 a.m.•9 views

Path traversal vulnerability in pipeline-reporter-by-redpen

pipeline-reporter-by-redpen 1.054.v7b9517b6b202 and earlier does not correctly perform path validation of the workspace directory while uploading artifacts to Jira. Additionally, pipeline-reporter-by-redpen does not support distributed builds, causing artifact uploads to occur from the Jenkins...

4.3CVSS5.2AI score0.00301EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/12/10 12:0 a.m.•9 views

Denial of service vulnerability in HTTP-based CLI

Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not properly close HTTP-based CLI connections when the connection stream becomes corrupted. This allows unauthenticated attackers to cause a denial of service by creating HTTP-based CLI connection requests, resulting in request-handling...

7.5CVSS7.6AI score0.00515EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/10/29 12:0 a.m.•9 views

Replay vulnerability in saml

saml 4.583.vc68232f7018a and earlier does not implement a replay cache. This allows attackers able to obtain information about the SAML authentication flow between a user's web browser and Jenkins to replay those requests, authenticating to Jenkins as that user. saml 4.583.585.v22ccc1139f55...

7.5CVSS5.2AI score0.00387EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/10/29 12:0 a.m.•9 views

Missing permission checks in mcp-server

mcp-server 0.84.v50ca24ef83f2 and earlier does not perform permission checks in several MCP tools. This allows to do the following: Attackers with Item/Read permission can obtain information about the configured SCM in a job despite lacking Item/Extended Read permission getJobScm. Attackers with...

5.4CVSS5.2AI score0.00239EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/10/29 12:0 a.m.•9 views

CSRF vulnerability and missing permission check in windocks-start-container

windocks-start-container 1.4 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to connect to an attacker-specified URL. Additionally, this endpoint does not require POST requests, resulting in a cross-site request forgery CSRF...

4.3CVSS5.1AI score0.00227EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/10/29 12:0 a.m.•9 views

Java protection mechanism disabled in eggplant-runner

eggplant-runner 0.0.1.301.v963cffe8ddb8 and earlier sets the Java system property jdk.http.auth.tunneling.disabledSchemes to an empty value as part of applying a proxy configuration. This disables https://www.oracle.com/java/technologies/javase/8u111-relnotes.htmla protection mechanism of the Jav...

5.9CVSS7.2AI score0.03937EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/09/17 12:0 a.m.•9 views

Log message injection vulnerability

In Jenkins 2.527 and earlier, LTS 2.516.2 and earlier, the log formatter that prepares log messages for console output including jenkins.log and equivalent does not restrict or transform the characters that can be inserted from user-specified content in log messages. This allows attackers able to...

5.3CVSS7.3AI score0.00335EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/04/02 12:0 a.m.•9 views

API keys stored in plain text by stackhammer

stackhammer 1.0.6 and earlier stores Stack Hammer API keys unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These API keys can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. As of publication of thi...

5.5CVSS5.6AI score0.00276EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/04/02 12:0 a.m.•9 views

Missing permission check allows retrieving secrets from agent configurations

Jenkins 2.503 and earlier, LTS 2.492.2 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Agent/Create permission but without Agent/Configure permission to copy an agent, gaining access to encrypted secrets in its configuration. NOTE: This is due to an...

4.3CVSS6.2AI score0.00375EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/03/05 12:0 a.m.•9 views

Encrypted values of secrets stored in view configuration revealed to users with View/Read permission

Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets when accessing config.xml of views via REST API or CLI. This allows attackers with View/Read permission to view encrypted values of secrets. NOTE: This issue is related to SECURITY-266 in the 2016-05-11...

4.3CVSS6AI score0.00317EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2025/03/05 12:0 a.m.•9 views

Open redirect vulnerability

Various features in Jenkins redirect users to partially user-controlled URLs inside Jenkins. To prevent open redirect vulnerabilities, Jenkins limits redirections to safe URLs neither absolute nor scheme-relative/network-path reference. In Jenkins 2.499 and earlier, LTS 2.492.1 and earlier,...

4.3CVSS5AI score0.00581EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2024/06/26 12:0 a.m.•9 views

Bitbucket OAuth access token exposed in the build log by cloudbees-bitbucket-branch-source

cloudbees-bitbucket-branch-source 886.v44cf5e4ecec5 and earlier prints the Bitbucket OAuth access token as part of the Bitbucket URL in the build log in some cases. cloudbees-bitbucket-branch-source 887.vad359b3d2d8d does not include the Bitbucket OAuth access token as part of the Bitbucket URL i...

4.3CVSS5AI score0.00489EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/12/13 12:0 a.m.•9 views

Password stored in a recoverable format by oic-auth

oic-auth provides an anti-lockout feature, which allows administrators to define a local user account that can be used to recover access to Jenkins. In oic-auth 2.6 and earlier the password to that account is stored in a recoverable format. This allows attackers with access to the Jenkins...

6.7CVSS6.5AI score0.00286EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/12/13 12:0 a.m.•9 views

CSRF vulnerability in htmlresource allows deleting arbitrary files

htmlresource 1.02 and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to delete arbitrary files on the Jenkins controller file system. As of publication of this advisory, there is no fix...

8.8CVSS7.8AI score0.00493EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/08/16 12:0 a.m.•9 views

Information disclosure in cloudbees-folder

cloudbees-folder displays an error message when attempting to access the Scan Organization Folder Log if no logs are available. In cloudbees-folder 6.846.v23698686f0f6 and earlier, this error message includes the absolute path of a log file, exposing information about the Jenkins controller file...

4.3CVSS5AI score0.00533EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/07/12 12:0 a.m.•9 views

Open redirect vulnerability in openshift-login

openshift-login 1.1.0.227.v27e08dfb1a20 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins. This allows attackers to perform phishing attacks by having users go to a Jenkins URL that will forward them to a different site after successful...

6.1CVSS6AI score0.00487EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•9 views

Missing hostname validation in miniorange-saml-sp

miniorange-saml-sp 2.0.2 and earlier does not perform hostname validation when connecting to miniOrange or the configured IdP to retrieve SAML metadata. This lack of validation could be abused using a man-in-the-middle attack to intercept these connections. miniorange-saml-sp 2.1.0 performs...

4.8CVSS5.2AI score0.00209EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•9 views

Missing permission checks in codedx

codedx 3.1.0 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Item/Read permission to check for the existence of an attacker-specified file path on an agent file system. codedx 4.0.0 requires Item/Configure permission for this fo...

4.3CVSS5AI score0.00953EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•9 views

Stored XSS vulnerability in loadcomplete

loadcomplete 1.0 and earlier does not escape the LoadComplete test name in its test result page. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission. As of publication of this advisory, there is no fix. Learn why we announce this...

8CVSS5.3AI score0.00456EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•9 views

Path traversal vulnerability in sidebar-link

sidebar-link allows specifying files in the userContent/ directory for use as link icons. sidebar-link 2.2.1 and earlier does not restrict the path of files in a method implementing form validation. This allows attackers with Overall/Read permission to check for the existence of an...

4.3CVSS5AI score0.72358EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/02/15 12:0 a.m.•9 views

Stored XSS vulnerability in pipeline-build-step

pipeline-build-step 2.18 and earlier does not escape job names in a JavaScript expression used in the Pipeline Snippet Generator. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control job names. pipeline-build-step 2.18.1 escapes job names in the...

8CVSS5.3AI score0.814EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•9 views

Password stored in plain text by testquality-updater

testquality-updater 1.3 and earlier stores the TestQuality Updater password unencrypted in its global configuration file com.testquality.jenkins.TestQualityNotifier.xml on the Jenkins controller as part of its configuration. This password can be viewed by users with access to the Jenkins controll...

5.5CVSS5.6AI score0.00203EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/11/15 12:0 a.m.•9 views

XXE vulnerability on agents in cccc

cccc 0.6 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control the contents of the report file for the 'Publish CCCC Report' post-build step to have agent processes parse a crafted file that uses external entities for...

9.8CVSS8.6AI score0.01057EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/11/15 12:0 a.m.•9 views

Stored XSS vulnerability in BART

BART 1.0.3 and earlier does not escape the parsed content of build logs before rendering it on the Jenkins UI. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission. As of publication of this advisory, there is no fix. Learn why we...

8CVSS5.3AI score0.00602EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/11/15 12:0 a.m.•9 views

Remote code execution vulnerability in pipeline-utility-steps

pipeline-utility-steps implements a readProperties Pipeline step that supports interpolation of variables using the Apache Commons Configuration library. pipeline-utility-steps 2.13.0 and earlier does not restrict the set of enabled prefix interpolators and bundles versions of this library with t...

9.8CVSS7.8AI score0.42646EPSS
Exploits3Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/10/19 12:0 a.m.•9 views

API keys stored in plain text by Katalon

Katalon 1.0.32 and earlier stores API keys unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These API keys can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. Katalon 1.0.33 no longer stores the API...

6.5CVSS6.4AI score0.00668EPSS
Exploits0Affected Software1
Total number of security vulnerabilities1464