Lucene search
K
JenkinsMost viewed

1464 matches found

Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•10 views

Missing hostname validation in miniorange-saml-sp

miniorange-saml-sp 2.0.2 and earlier does not perform hostname validation when connecting to miniOrange or the configured IdP to retrieve SAML metadata. This lack of validation could be abused using a man-in-the-middle attack to intercept these connections. miniorange-saml-sp 2.1.0 performs...

4.8CVSS5.2AI score0.00209EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•10 views

Stored XSS vulnerability in workflow-job

workflow-job 1292.v27d8cc3e2602 and earlier does not escape the display name of the build that caused an earlier build to be aborted, when "Do not allow concurrent builds" is set. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to set build display...

7.5CVSS5.3AI score0.00586EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/03/21 12:0 a.m.•10 views

Command injection vulnerability in convert-to-pipeline results in RCE

convert-to-pipeline 1.0 and earlier uses basic string concatenation to convert Freestyle projects' Build Environment, Build Steps, and Post-build Actions to the equivalent Pipeline step invocations. This allows attackers able to configure Freestyle projects to prepare a crafted configuration that...

9.8CVSS7.3AI score0.00779EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/02/15 12:0 a.m.•10 views

Missing permission checks in azure-credentials allow enumerating credentials IDs

azure-credentials 253.v887e0f9e898b and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using...

4.3CVSS5.1AI score0.00511EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/02/09 12:0 a.m.•10 views

Git releases with critical vulnerabilities on Jenkins Docker images

The Jenkins project provides Docker images for both controllers and agents. Most of these Docker images include the git command line tool to interact with Git repositories. Git releases published before 2023-01-17 are affected by the vulnerabilities...

9.8CVSS9.1AI score0.56334EPSS
Exploits0
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•10 views

Password stored in plain text by testquality-updater

testquality-updater 1.3 and earlier stores the TestQuality Updater password unencrypted in its global configuration file com.testquality.jenkins.TestQualityNotifier.xml on the Jenkins controller as part of its configuration. This password can be viewed by users with access to the Jenkins controll...

5.5CVSS5.6AI score0.00203EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/11/15 12:0 a.m.•10 views

Stored XSS vulnerability in BART

BART 1.0.3 and earlier does not escape the parsed content of build logs before rendering it on the Jenkins UI. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission. As of publication of this advisory, there is no fix. Learn why we...

8CVSS5.3AI score0.00602EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/11/15 12:0 a.m.•10 views

Remote code execution vulnerability in pipeline-utility-steps

pipeline-utility-steps implements a readProperties Pipeline step that supports interpolation of variables using the Apache Commons Configuration library. pipeline-utility-steps 2.13.0 and earlier does not restrict the set of enabled prefix interpolators and bundles versions of this library with t...

9.8CVSS7.8AI score0.42646EPSS
Exploits3Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/11/15 12:0 a.m.•10 views

SSL/TLS certificate validation globally and unconditionally disabled by cavisson-ns-nd-integration

cavisson-ns-nd-integration 4.8.0.143 and earlier globally and unconditionally disables SSL/TLS certificate and hostname validation for the entire Jenkins controller JVM. cavisson-ns-nd-integration 4.8.0.146 no longer disables SSL/TLS certificate and hostname validation globally...

7.5CVSS7.2AI score0.00396EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/10/19 12:0 a.m.•10 views

CSRF vulnerability in Katalon allows capturing credentials

Katalon 1.0.33 and earlier does not require POST requests for several HTTP endpoints, resulting in cross-site request forgery CSRF vulnerabilities. This vulnerability allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method,...

4.3CVSS5AI score0.00397EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/10/19 12:0 a.m.•10 views

API keys stored in plain text by Katalon

Katalon 1.0.32 and earlier stores API keys unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These API keys can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. Katalon 1.0.33 no longer stores the API...

6.5CVSS6.4AI score0.00668EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/09/21 12:0 a.m.•10 views

XXE vulnerability in rqm-plugin

rqm-plugin 2.8 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to provide crafted API responses from Rational Quality Manager to have Jenkins parse a crafted XML document that uses external entities for extraction of secrets fro...

9.8CVSS8.3AI score0.00725EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/08/23 12:0 a.m.•10 views

Improper masking of credentials in git

git 4.11.4 and earlier does not properly mask i.e., replace with asterisks credentials in the build log provided by the Git Username and Password gitUsernamePassword credentials binding. Usernames are masked instead of passwords in cases when usernames are not set to be treated as secret. git...

6.5CVSS6.3AI score0.00781EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/07/27 12:0 a.m.•10 views

Passwords stored in plain text by http_request

httprequest 1.15 and earlier stores HTTP Request passwords unencrypted in its global configuration file jenkins.plugins.httprequest.HttpRequest.xml on the Jenkins controller as part of its configuration when using deprecated Basic/Digest Authentication. These passwords can be viewed by users with...

6.5CVSS6.4AI score0.00723EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/07/27 12:0 a.m.•10 views

Missing permission checks in compuware-scm-downloader

compuware-scm-downloader 2.0.12 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to enumerate hosts and ports of Compuware configurations and credentials IDs of credentials stored in Jenkins. Those credentials IDs can be...

6.5CVSS6.4AI score0.00605EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/06/22 12:0 a.m.•10 views

Arbitrary file write vulnerability in pipeline-input-step

pipeline-input-step 448.v37cea9a10a70 and earlier allows Pipeline authors to specify file parameters for Pipeline input steps even though they are unsupported. Although the uploaded file is not copied to the workspace, Jenkins archives the file on the controller as part of build metadata using th...

8.8CVSS7.4AI score0.01478EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/06/22 12:0 a.m.•10 views

Unauthorized view fragment access

Jenkins uses the Stapler web framework to render its UI views. These views are frequently composed of several view fragments, enabling plugins to extend existing views with more content. Before SECURITY-534 was fixed in Jenkins 2.186 and LTS 2.176.2, attackers could in some cases directly access ...

7.5CVSS7.2AI score0.01297EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/06/22 12:0 a.m.•10 views

Passwords stored in plain text by convertigo-mobile-platform

convertigo-mobile-platform 1.1 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These passwords can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. As of publication of...

6.5CVSS6.4AI score0.00651EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/04/12 12:0 a.m.•10 views

CSRF vulnerability and missing permission checks in publish-over-ftp

publish-over-ftp 1.16 and earlier does not perform permission checks in methods implementing form validation. This allows attackers with Overall/Read permission to connect to an FTP server using attacker-specified credentials. Additionally, these form validation methods do not require POST...

8.8CVSS6.3AI score0.0072EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/03/15 12:0 a.m.•10 views

Stored XSS vulnerability in dashboard-view

dashboard-view 2.18 and earlier does not perform URL validation for the Iframe Portlet's Iframe source URL. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to configure views. dashboard-view 2.18.1 performs URL validation for the Iframe Portlet's Ifra...

8CVSS5.3AI score0.00792EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/03/15 12:0 a.m.•10 views

Stored XSS vulnerability in extended-choice-parameter

extended-choice-parameter 346.vd87693c5a86c and earlier does not escape the value and description of Extended Choice Parameters with parameter type 'Radio Buttons' or 'Check Boxes'. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure...

8CVSS5.3AI score0.00633EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/02/15 12:0 a.m.•10 views

CSRF vulnerability and missing permission check in autonomiq

autonomiq 1.15 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified username and password. Additionally, this HTTP endpoint does not require POST requests, resulting...

8.8CVSS6.2AI score0.0055EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/01 12:0 a.m.•10 views

XXE vulnerability in valgrind

valgrind 0.28 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows a user able to control the input files for the Valgrind plugin parser to have Jenkins parse a crafted file that uses external entities for extraction of secrets from the Jenkins...

7.1CVSS7.2AI score0.00877EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/09/01 12:0 a.m.•10 views

Stored XSS vulnerability in vmanager-plugin

vmanager-plugin 3.0.4 and earlier does not escape build descriptions in tooltips. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Run/Update permission. vmanager-plugin 3.0.5 removes affected tooltips...

8CVSS5.3AI score0.00753EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/07/02 12:0 a.m.•10 views

Stored XSS vulnerability in vncrecorder

vncrecorder 1.25 and earlier does not escape a tool path in the checkVncServ form validation endpoint accessed e.g. via job configuration forms. This results in a stored cross-site scripting XSS vulnerability exploitable by Jenkins administrators. vncrecorder 1.35 escapes the tool path...

4.8CVSS4.9AI score0.00702EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/07/02 12:0 a.m.•10 views

Content-Security-Policy protection for user content disabled by ZAP Pipeline

Jenkins sets the Content-Security-Policy header to static files served by Jenkins specifically DirectoryBrowserSupport, such as workspaces, /userContent, or archived artifacts. ZAP Pipeline 1.9 and earlier globally disables the Content-Security-Policy header for static files served by Jenkins. Th...

5.4CVSS5.3AI score0.00735EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/06/03 12:0 a.m.•10 views

CSRF vulnerability and improper permission checks in swarm

swarm adds API endpoints to add or remove agent labels. In swarm 3.20 and earlier these only require a global Swarm secret to use, and no regular permission check is performed. This allows users with Agent/Create permission to add or remove labels of any agent. Additionally, these API endpoints d...

6.5CVSS5.5AI score0.00656EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/05/06 12:0 a.m.•10 views

CSRF vulnerability in ec2

ec2 1.50.1 and earlier does not require POST requests in several HTTP endpoints, resulting in cross-site request forgery CSRF vulnerabilities. This allows an attacker to provision instances with an attacker-specified template ID. ec2 1.50.2 now requires POST requests for the affected HTTP endpoin...

4.3CVSS4.9AI score0.00636EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/04/07 12:0 a.m.•10 views

XSS vulnerability in usemango-runner

Multiple form validation endpoints in usemango-runner 1.4 and earlier do not escape values received from the useMango service. This results in a cross-site scripting XSS vulnerability exploitable by users able to control the values returned from the useMango service. usemango-runner 1.5 escapes a...

5.4CVSS5.4AI score0.00705EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/03/09 12:0 a.m.•10 views

Credentials transmitted in plain text by skytap

skytap stores credentials in job config.xml files as part of its configuration. While the credentials are stored encrypted on disk, they are transmitted in plain text as part of the configuration form by skytap 2.07 and earlier. These credentials could be viewed by users with Extended Read...

4.3CVSS5.1AI score0.00511EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/03/09 12:0 a.m.•10 views

CSRF vulnerability and missing permission checks in p4

p4 1.10.10 and earlier does not perform permission checks in several HTTP endpoints. This allows users with Overall/Read access to trigger builds or add labels in the Perforce repository. Additionally, these endpoints do not require POST requests, resulting in a cross-site request forgery CSRF...

4.3CVSS4.9AI score0.00636EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/02/12 12:0 a.m.•10 views

Stored XSS vulnerability in subversion

subversion 2.13.0 and earlier does not escape the error message for the Project Repository Base URL field form validation. This results in a stored cross-site scripting vulnerability exploitable by users able to specify such base URLs, for example users able to configure Multibranch Pipelines...

5.4CVSS5.7AI score0.0093EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/01/29 12:0 a.m.•10 views

Diagnostic page exposed session cookies

Jenkins shows various technical details about the current user on the /whoAmI page. In a previous fix, the Cookie header value containing the HTTP session ID was redacted. However, user metadata shown on this page could also include the HTTP session ID in Jenkins 2.218 and earlier, LTS 2.204.1 an...

5.4CVSS5.3AI score0.07044EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/01/29 12:0 a.m.•10 views

Memory usage graphs accessible to anyone with Overall/Read

Jenkins includes a feature that shows a JVM memory usage chart for the Jenkins controller. Access to the chart in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier requires no permissions beyond the general Overall/Read, allowing users who are not administrators to view JVM memory usage data...

4.3CVSS5AI score0.01074EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/12/17 12:0 a.m.•10 views

CSRF vulnerability and missing permission checks in teamconcert allows capturing credentials

teamconcert 1.3.0 and earlier does not perform permission checks on a method implementing form validation. This allows users with Overall/Read access to Jenkins to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials...

8.8CVSS6.9AI score0.00798EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/12/17 12:0 a.m.•10 views

Stored XSS vulnerability in pipeline-aggregator-view

pipeline-aggregator-view 1.8 and earlier does not escape the information shown on the view it provides, such as stage names or job names. This results in a stored cross-site scripting vulnerability exploitable by users able to configure jobs, define pipeline stages, or otherwise affect the...

5.4CVSS5.4AI score0.00688EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/11/21 12:0 a.m.•10 views

Sandbox bypass vulnerability in script-security

Sandbox protection in script-security could be circumvented through closure default parameter expressions. This allowed attackers able to specify and run sandboxed scripts to execute arbitrary code in the context of the Jenkins controller JVM. These expressions are now subject to sandbox protecti...

8.8CVSS8.4AI score0.01428EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/10/16 12:0 a.m.•10 views

cloudtest stores API token in plain text

cloudtest stores credentials unencrypted in its global configuration file com.soasta.jenkins.CloudTestServer.xml on the Jenkins controller. These credentials could be viewed by users with access to the Jenkins controller file system. As of publication of this advisory there is no fix...

4.3CVSS5.1AI score0.00469EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/10/16 12:0 a.m.•10 views

vmanager-plugin globally and unconditionally disabled SSL/TLS certificate validation

vmanager-plugin unconditionally disabled SSL/TLS certificate validation for the entire Jenkins controller JVM. vmanager-plugin no longer does that. Instead, it now has an opt-in option to ignore SSL/TLS errors for its connections...

8.2CVSS7.7AI score0.00993EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/10/01 12:0 a.m.•10 views

ldapemail shows plain text password in configuration form

ldapemail stores an LDAP bind password in its global Jenkins configuration. While the password is stored encrypted on disk, it is transmitted in plain text as part of the configuration form. This can result in exposure of the password through browser extensions, cross-site scripting...

7.5CVSS6.9AI score0.00887EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/09/25 12:0 a.m.•10 views

Script sandbox bypass vulnerability in Kubernetes Pipeline - Arquillian Steps Plugin

Kubernetes Pipeline - Arquillian Steps Plugin defines a custom list of pre-approved signatures for all scripts protected by the Script Security sandbox. This custom list of pre-approved signatures allows the use of methods that can be used to bypass Script Security sandbox protection. This result...

9.9CVSS9AI score0.01205EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/09/25 12:0 a.m.•10 views

gem-publisher stores credentials in plain text

gem-publisher stores an API key unencrypted in its global configuration file net.arangamani.jenkins.gempublisher.GemPublisher.xml on the Jenkins controller. This API key can be viewed by users with access to the Jenkins controller file system. As of publication of this advisory, there is no fix...

5.5CVSS5.7AI score0.00341EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/09/25 12:0 a.m.•10 views

XSS vulnerability in Jenkins URL setting

Jenkins did not validate or otherwise limit the possible values administrators could specify as Jenkins root URL. This resulted in a cross-site scripting vulnerability exploitable by users with Overall/Administer permission. Jenkins now prevents values other than HTTP/HTTPS URLs from being set as...

4.8CVSS4.9AI score0.00992EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/09/25 12:0 a.m.•10 views

aqua-microscanner showed plain text credential in configuration form

aqua-microscanner stores a token credential in its global Jenkins configuration. While the token is stored encrypted on disk, it was transmitted in plain text as part of the configuration form. This could result in exposure of the token through browser extensions, cross-site scripting...

5.3CVSS5.4AI score0.00771EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/09/25 12:0 a.m.•10 views

violation-comments-to-gitlab stored credentials in plain text

violation-comments-to-gitlab stored API tokens unencrypted in job config.xml files and its global configuration file org.jenkinsci.plugins.jvctgl.ViolationsToGitLabGlobalConfiguration.xml on the Jenkins controller. These credentials could be viewed by users with Extended Read permission, or acces...

6.5CVSS5.6AI score0.01068EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/09/25 12:0 a.m.•10 views

gcal stores credentials in plain text

gcal stores a calendar password unencrypted in job config.xml files on the Jenkins controller. This password can be viewed by users with Extended Read permission, or access to the Jenkins controller file system. As of publication of this advisory, there is no fix...

6.5CVSS5.6AI score0.01001EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/08/07 12:0 a.m.•10 views

Arbitrary file read vulnerability in filesystem_scm

filesystemscm allows users able to configure jobs to read arbitrary files from the Jenkins controller, even if the job is running on an agent. As of publication of this advisory, there is no fix...

6.5CVSS6.5AI score0.0101EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/07/31 12:0 a.m.•10 views

configuration-as-code evaluated variable references when importing a previously exported configuration

configuration-as-code allows exporting the live Jenkins configuration, as well as importing and applying a configuration provided in the same format. One of the features of the import is that it allows specifying variable references e.g. $VARIABLENAME in the configuration YAML file. These will be...

5.5CVSS5.7AI score0.00737EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/07/31 12:0 a.m.•10 views

ec2 leaked beginning of private key in system log

ec2 printed a log message that contained the beginning of the private key to the Jenkins system log. The log message no longer includes the beginning of the private key...

5.5CVSS5.6AI score0.00337EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2019/07/31 12:0 a.m.•10 views

CSRF vulnerability in m2release

m2release did not require that requests sent to the endpoint used to initiate the release process use POST. This resulted in a cross-site request forgery vulnerability that allows attackers to perform releases. m2release now requires that these requests be sent via POST...

6.8CVSS6.3AI score0.00607EPSS
Exploits0Affected Software1
Total number of security vulnerabilities1464