Lucene search
K
JenkinsRecent

1464 matches found

Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/02/15 12:0 a.m.•9 views

OS command execution vulnerabilities in Pipeline-related plugins

Multiple Pipeline-related plugins that perform on-controller SCM checkouts reuse the same workspace directory for checkouts of distinct SCMs in some contexts. - Pipeline: Groovy Plugin 2648.va9433432b33c and earlier uses the same checkout directories for distinct SCMs when reading the script file...

8.8CVSS8.1AI score0.01444EPSS
Exploits0Affected Software3
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/02/15 12:0 a.m.•6 views

Sandbox bypass vulnerability in workflow-cps-global-lib

workflow-cps-global-lib 552.vd9cc05b8a2e1 and earlier uses the names of Pipeline libraries to create directories without canonicalization or sanitization. This allows attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM using specially...

8.8CVSS8.4AI score0.01601EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/02/15 12:0 a.m.•9 views

Sandbox bypass vulnerability in workflow-cps-global-lib

workflow-cps-global-lib 552.vd9cc05b8a2e1 and earlier uses the names of Pipeline libraries to create cache directories without any sanitization. This allows attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM using specially crafted...

8.8CVSS8.4AI score0.01571EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/02/15 12:0 a.m.•7 views

Stored XSS vulnerability in generic-webhook-trigger

generic-webhook-trigger 1.81 and earlier does not escape the build cause for the webhook. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to trigger builds using the webhook. generic-webhook-trigger 1.82 escapes the build cause when displayed on the U...

8CVSS5.4AI score0.00658EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/02/15 12:0 a.m.•7 views

Sensitive data stored in plain text by support-core

support-core has a feature to redact potentially sensitive information in the support bundle. support-core 2.79 and earlier does not redact some sensitive information in the support bundle. This sensitive information can be viewed by anyone with access to the bundle. support-core 2.79.1 adds a li...

6.5CVSS6.4AI score0.00966EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/02/15 12:0 a.m.•7 views

Missing permission check in conjur-credentials allows enumerating credentials IDs

conjur-credentials 1.0.11 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another...

4.3CVSS5.1AI score0.0068EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/02/15 12:0 a.m.•8 views

Stored XSS vulnerability in agent-server-parameter

agent-server-parameter 1.0 and earlier does not escape parameter names of agent server parameters. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission. agent-server-parameter 1.1 escapes parameter names of agent server parameters...

8CVSS5.3AI score0.00598EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/02/15 12:0 a.m.•8 views

CSRF vulnerability and missing permission checks in embotics-vcommander allow capturing credentials

embotics-vcommander 1.10 and earlier does not perform permission checks in methods implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing...

8.8CVSS6.9AI score0.00912EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/02/15 12:0 a.m.•7 views

Open redirect vulnerability in gitlab-oauth

gitlab-oauth 1.13 and earlier records the HTTP Referer header as part of the URL query parameters when the authentication process starts and redirects users to that URL when the user has finished logging in. This allows attackers with access to Jenkins to craft a URL that will redirect users to a...

5.4CVSS5.7AI score0.00724EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/02/15 12:0 a.m.•6 views

Agent-to-controller security bypass in hashicorp-vault-plugin allows reading arbitrary files

hashicorp-vault-plugin 336.v182c0fbaaeb7 and earlier implements functionality that allows agent processes to read arbitrary files on the Jenkins controller file system. This allows attackers able to control agent processes to read arbitrary files on the Jenkins controller file system. NOTE: This...

6.5CVSS6.5AI score0.00809EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/02/15 12:0 a.m.•7 views

CSRF vulnerability and missing permission checks in Chef Sinatra allow XXE

Chef Sinatra 1.20 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to have Jenkins send an HTTP request to an attacker-controlled URL and have it parse the response as XML. As the plugin does not configure...

8.8CVSS7.9AI score0.01107EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/02/15 12:0 a.m.•6 views

Missing synchronization vulnerability in convertigo-mobile-platform allow to capture passwords

convertigo-mobile-platform 1.1 and earlier uses static fields to store job configuration information. This allows attackers with Item/Configure permission to capture passwords of the jobs that will be configured. As of publication of this advisory, there is no fix. Learn why we announce this...

6.5CVSS6.4AI score0.00809EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/02/15 12:0 a.m.•7 views

Sensitive information disclosure in workflow-cps

workflow-cps 2648.va9433432b33c and earlier includes password parameters from the original build in replayed builds. This allows attackers with Run/Replay permission to obtain the values of password parameters passed to previous builds of a Pipeline. workflow-cps 2656.vf7ae7b75a457 does not allow...

4.3CVSS5AI score0.00528EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/02/15 12:0 a.m.•7 views

Password parameter default values exposed by pipeline-build-step

pipeline-build-step 2.15 and earlier reveals password parameter default values when generating a pipeline script using the Pipeline Snippet Generator. This allows attackers with Item/Read permission to retrieve the default password parameter value from jobs. pipeline-build-step 2.15.1 redacts...

6.5CVSS6.4AI score0.00876EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/02/15 12:0 a.m.•7 views

Agent-to-controller security bypass in hashicorp-vault-plugin

hashicorp-vault-plugin 3.8.0 and earlier implements functionality that allows agent processes to retrieve any Vault secrets for use on the agent. This allows attackers able to control agent processes to obtain Vault secrets for an attacker-specified path and key. The functionality that allow agen...

6.5CVSS6.4AI score0.00809EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/02/15 12:0 a.m.•7 views

Path traversal vulnerability in fortify

fortify 20.2.34 and earlier does not sanitize the appName and appVersion parameters of its Pipeline steps, which are used to write to files inside build directories. This allows attackers with Item/Configure permission to write or overwrite .xml files on the Jenkins controller file system with...

4.3CVSS5.1AI score0.01219EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/02/15 12:0 a.m.•7 views

Stored XSS vulnerability in custom-checkbox-parameter

custom-checkbox-parameter 1.1 and earlier does not escape parameter names of custom checkbox parameters. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission. custom-checkbox-parameter 1.2 escapes parameter names of custom checkbo...

8CVSS5.3AI score0.00598EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/02/15 12:0 a.m.•10 views

CSRF vulnerability and missing permission check in autonomiq

autonomiq 1.15 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified username and password. Additionally, this HTTP endpoint does not require POST requests, resulting...

8.8CVSS6.2AI score0.0055EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/02/15 12:0 a.m.•7 views

CSRF vulnerability and missing permission check in scp

scp 1.8 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified username and password. Additionally, this form validation method does not...

8.8CVSS7.7AI score0.00787EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/02/15 12:0 a.m.•6 views

Stored XSS vulnerability in Team Views

Team Views 0.9.0 and earlier does not escape team names. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Overall/Read permission. As of publication of this advisory, there is no fix. Learn why we announce this...

8CVSS5.3AI score0.00783EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/02/15 12:0 a.m.•6 views

CSRF vulnerability and missing permission checks in checkmarx allow capturing credentials

checkmarx 2022.1.2 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in...

8.8CVSS6.8AI score0.00742EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/02/15 12:0 a.m.•7 views

Stored XSS vulnerability in promoted-builds-simple

promoted-builds-simple 1.9 and earlier does not escape the name of custom promotion levels. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Overall/Administer permission. As of publication of this advisory, there is no fix. Learn why we announce this...

6.8CVSS4.9AI score0.00572EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/02/15 12:0 a.m.•7 views

Agent-to-controller security bypass vulnerability in doktor

doktor 0.4.1 and earlier implements functionality that allows agent processes to render files on the controller as Markdown or Asciidoc. Additionally, error messages allow attackers able to control agent processes to determine whether a file with a given name exists. As of publication of this...

5.5CVSS5.7AI score0.00591EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/02/15 12:0 a.m.•8 views

CSRF vulnerability and missing permission checks in dbCharts

dbCharts 0.5.2 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified database via JDBC using attacker-specified credentials. Additionally, this method allows attackers to...

8.8CVSS7.8AI score0.00787EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/02/15 12:0 a.m.•7 views

CSRF vulnerability and missing permission check in SWAMP allows capturing credentials

SWAMP 1.2.6 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored i...

8.8CVSS7.7AI score0.0111EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/02/09 12:0 a.m.•7 views

DoS vulnerability in bundled XStream library

Jenkins 2.333 and earlier, LTS 2.319.2 and earlier is affected by the XStream library's vulnerability https://x-stream.github.io/CVE-2021-43859.htmlCVE-2021-43859. This library is used by Jenkins to serialize and deserialize various XML files, like global and job config.xml, build.xml, and numero...

7.5CVSS7.2AI score0.07934EPSS
Exploits1Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/01/12 12:0 a.m.•6 views

Agent-to-controller security bypass in Debian Package Builder

Debian Package Builder 1.6.11 and earlier implements functionality that allows agent processes to invoke command-line git at an attacker-specified path on the controller. This allows attackers able to control agent processes to invoke arbitrary OS commands on the controller. As of publication of...

9CVSS8AI score0.01603EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/01/12 12:0 a.m.•7 views

Password stored in plain text by Publish Over SSH

Publish Over SSH 1.22 and earlier stores password unencrypted in its global configuration file jenkins.plugins.publishoverssh.BapSshPublisherPlugin.xml on the Jenkins controller as part of its configuration. This password can be viewed by users with access to the Jenkins controller file system. A...

3.3CVSS4.8AI score0.00307EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/01/12 12:0 a.m.•6 views

Access key stored in plain text by metrics

metrics 4.0.2.8 and earlier stores access keys unencrypted in its global configuration file jenkins.metrics.api.MetricsAccessKey.xml on the Jenkins controller as part of its configuration. This access key can be viewed by users with access to the Jenkins controller file system. metrics 4.0.2.8.1...

5.5CVSS5.7AI score0.00319EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/01/12 12:0 a.m.•6 views

Missing permission checks in cloudbees-bitbucket-branch-source allow enumerating credentials IDs

cloudbees-bitbucket-branch-source 737.vdf9dc06105be and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read access to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the...

4.3CVSS5.1AI score0.00852EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/01/12 12:0 a.m.•7 views

CSRF vulnerability in build triggers

Jenkins 2.329 and earlier, LTS 2.319.1 and earlier does not require POST requests for the HTTP endpoint handling manual build requests when no security realm is set, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to trigger build of job without...

4.3CVSS6AI score0.01779EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/01/12 12:0 a.m.•7 views

Missing permission check in credentials-binding allows validating secret file credentials IDs

credentials-binding 1.27 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read access to validate if a credential ID refers to a secret file credential and whether it's a zip file. credentials-binding 1.27.1 performs...

4.3CVSS5AI score0.00852EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/01/12 12:0 a.m.•13 views

CSRF vulnerability and missing permission checks in mailer

mailer 391.ve4a38c1bcf4b and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read access to use the DNS used by the Jenkins instance to resolve an attacker-specified hostname. Additionally, this form validation method does n...

4.3CVSS6AI score0.0111EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/01/12 12:0 a.m.•8 views

OS command execution vulnerability in docker-commons

docker-commons 1.17 and earlier does not sanitize the name of an image or a tag. This results in an OS command execution vulnerability exploitable by attackers with Item/Configure permission or able to control the contents of a previously configured job's SCM repository. docker-commons 1.18...

8.8CVSS8.1AI score0.02277EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/01/12 12:0 a.m.•7 views

CSRF vulnerability in cloudbees-bitbucket-branch-source allows capturing credentials

cloudbees-bitbucket-branch-source 737.vdf9dc06105be and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery CSRF vulnerability. This allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified...

7.1CVSS7AI score0.00655EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/01/12 12:0 a.m.•6 views

Non-constant time token comparison in configuration-as-code

configuration-as-code 1.55 and earlier does not use a constant-time comparison when checking whether two authentication tokens are equal. This could potentially allow attackers to use statistical methods to obtain a valid authentication token. configuration-as-code 1.55.1 now uses a constant-time...

5.3CVSS5.7AI score0.01121EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/01/12 12:0 a.m.•6 views

Path traversal vulnerability in warnings-ng

warnings-ng 9.10.2 and earlier does not restrict the name of a file when configuring a custom ID. This allows attackers with Item/Configure permission to write and read specific files with a hard-coded suffix on the Jenkins controller file system. warnings-ng 9.10.3 checks for the presence of...

8.1CVSS7.7AI score0.01886EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/01/12 12:0 a.m.•6 views

Stored XSS vulnerability in badge

badge allows adding custom build badges with a custom description and optionally a link to a URL. badge 1.9 and earlier does not escape the description and does not check for allowed protocols when creating a badge. This results in a stored cross-site scripting XSS vulnerability exploitable by...

8CVSS5.3AI score0.00839EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/01/12 12:0 a.m.•7 views

Improper credentials masking in hashicorp-vault-plugin

Pipelines display commands executed in their Pipeline step descriptions and their output in build logs. To mask sensitive output, Pipeline: Groovy Plugin 2.84 and earlier specified an allowlist of known non-sensitive variables and masked everything else. This caused problems, so Pipeline: Groovy...

6.5CVSS6.5AI score0.00959EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/01/12 12:0 a.m.•7 views

CSRF vulnerability and missing permission checks in Publish Over SSH

Publish Over SSH 1.22 and earlier does not perform permission checks in methods implementing connection tests. This allows attackers with Overall/Read access to connect to an attacker-specified SSH server using attacker-specified credentials. Additionally, these connection tests methods do not...

6.5CVSS5.5AI score0.26546EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/01/12 12:0 a.m.•7 views

CSRF vulnerability in batch task

batch task 1.19 and earlier does not require POST requests for several HTTP endpoints, resulting in cross-site request forgery CSRF vulnerabilities. These vulnerabilities allow attackers with Overall/Read access to retrieve logs, build or delete a batch task. As of publication of this advisory,...

5.8CVSS5.6AI score0.00579EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/01/12 12:0 a.m.•44 views

Agent-to-controller security bypass in conjur-credentials allows decrypting secrets

conjur-credentials 1.0.9 and earlier implements functionality that allows agent processes to obtain the plain text of any attacker-provided encrypted secret. This allows attackers able to control agent processes to decrypt secrets stored in Jenkins obtained through another method. As of publicati...

7.5CVSS7.2AI score0.00828EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/01/12 12:0 a.m.•7 views

Agent-to-controller security bypass in conjur-credentials allows retrieving all credentials

conjur-credentials 1.0.9 and earlier implements functionality that allows agent processes to obtain all username/password credentials Credentials Plugin stored on the Jenkins controller. This allows attackers able to control agent processes to retrieve those credentials. As of publication of this...

7.5CVSS7.2AI score0.01285EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/01/12 12:0 a.m.•6 views

Stored XSS vulnerability in matrix-project

matrix-project 1.19 and earlier does not escape HTML metacharacters in node and label names, and label descriptions. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Agent/Configure permission. matrix-project 1.20 escapes HTML metacharacters in node an...

8CVSS6.2AI score0.81842EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/01/12 12:0 a.m.•6 views

Missing permission checks in ssh-agent allow enumerating credentials IDs

ssh-agent 1.23 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read access to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another vulnerability. An...

4.3CVSS5.1AI score0.00748EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/01/12 12:0 a.m.•6 views

User passwords transmitted in plain text by active-directory

active-directory implements two separate modes: integration with ADSI on Windows, and an OS agnostic LDAP-based mode. active-directory 2.25 and earlier does not encrypt the transmission of data between the Jenkins controller and Active Directory servers unless it is configured to use the OS...

6.5CVSS6.4AI score0.00449EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/01/12 12:0 a.m.•7 views

Stored XSS vulnerability in Publish Over SSH

Publish Over SSH 1.22 and earlier does not escape the SSH server name. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Overall/Administer permission. As of publication of this advisory, there is no fix. Learn why we announce this...

6.8CVSS4.9AI score0.00819EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2022/01/12 12:0 a.m.•7 views

Path traversal vulnerability in Publish Over SSH

Publish Over SSH 1.22 and earlier performs a validation of the file name specifying whether it is present or not. This results in a path traversal vulnerability allowing attackers with Item/Configure permission to discover the name of the Jenkins controller files. As of publication of this...

4.3CVSS5AI score0.01504EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/11/12 12:0 a.m.•6 views

XXE vulnerability in pom2config

pom2config 1.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers with Overall/Read and Item/Read permissions to have Jenkins parse a crafted XML file that uses external entities for extraction of secrets from the Jenkins controller or...

7.1CVSS6.6AI score0.02366EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/11/12 12:0 a.m.•8 views

XXE vulnerability in dependency-check-jenkins-plugin

dependency-check-jenkins-plugin 5.1.1 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control workspace contents to have Jenkins parse a crafted XML file that uses external entities for extraction of secrets from the Jenkins...

7.1CVSS7.2AI score0.00979EPSS
Exploits0Affected Software1
Total number of security vulnerabilities1464