Lucene search
K
JenkinsRecent

1464 matches found

Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/11/12 12:0 a.m.•6 views

Stored XSS vulnerability in uno-choice

uno-choice 2.5.6 and earlier does not escape the parameter name of reactive parameters and dynamic reference parameters. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Job/Configure permission. uno-choice 2.5.7 escapes references to parameter names...

8CVSS5.3AI score0.88476EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/11/12 12:0 a.m.•6 views

Stored XSS vulnerability in scriptler

scriptler 3.3 and earlier does not escape the name of scripts on the UI when asking to confirm their deletion. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to create Scriptler scripts. scriptler 3.4 escapes the name of scripts on the UI when asking...

8CVSS5.3AI score0.00684EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/11/12 12:0 a.m.•8 views

XXE vulnerability in performance

performance 3.20 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control workspace contents to have Jenkins parse a crafted XML report file that uses external entities for extraction of secrets from the Jenkins controller or...

7.1CVSS6.5AI score0.01671EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/11/12 12:0 a.m.•6 views

Agent-to-controller security bypass in Squash TM Publisher (Squash4Jenkins) allows writing arbitrary files

Squash TM Publisher Squash4Jenkins 1.0.0 and earlier implements an agent-to-controller message that does not implement any validation of its input. This allows attackers able to control agent processes to replace arbitrary files on the Jenkins controller file system with an attacker-controlled JS...

8.1CVSS7.8AI score0.01068EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/11/04 12:0 a.m.•6 views

Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control

The agent-to-controller security subsystem limits which files on the Jenkins controller can be accessed by agent processes. Multiple vulnerabilities in the file path filtering implementation of Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allow agent processes to read and write arbitrary...

9.8CVSS8.1AI score0.02451EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/11/04 12:0 a.m.•6 views

Agent-to-controller access control allows reading/writing most content of build directories

Agents are allowed some limited access to files on the Jenkins controller file system. The directories agents are allowed to access in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier include the directories storing build-related information, intended to allow agents to store build-related...

9.1CVSS8.2AI score0.0155EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/11/04 12:0 a.m.•6 views

Path traversal vulnerability in subversion allows reading arbitrary files

subversion 2.15.0 and earlier does not restrict the name of a file when looking up a subversion key file on the controller from an agent. This allows attackers able to control agent processes to read arbitrary files on the Jenkins controller file system. subversion 2.15.1 checks for the presence ...

7.5CVSS7.3AI score0.02073EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/11/04 12:0 a.m.•11 views

Agent-to-controller access control allowed writing to sensitive directory used by Pipeline: Shared Groovy Libraries Plugin

Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not limit agent read/write access to the libs/ directory inside build directories when using the FilePath APIs. This directory is used by the Pipeline: Shared Groovy Libraries Plugin to store copies of shared libraries. This allows attackers...

9.8CVSS8.7AI score0.0232EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/10/06 12:0 a.m.•7 views

Improper handling of equivalent directory names on Windows

Jenkins stores jobs and other entities on disk using their name shown on the UI as file and folder names. On Windows, when specifying a file or folder with a trailing dot character example., the file or folder will be treated as if that character was not present example. As both are legal names f...

6.3CVSS5AI score0.00967EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/10/06 12:0 a.m.•6 views

Jenkins core bundles vulnerable version of the commons-httpclient library

Jenkins 2.314 and earlier, LTS 2.303.1 and earlier bundles a version of the commons-httpclient library with the vulnerability https://nvd.nist.gov/vuln/detail/CVE-2014-3577CVE-2014-3577 that incorrectly verified SSL/TLS certificates, making it susceptible to man-in-the-middle attacks. This librar...

5.8CVSS6.4AI score0.09149EPSS
Exploits1Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/10/06 12:0 a.m.•7 views

Path traversal vulnerability on Windows

The file browser for workspaces, archived artifacts, and userContent/ in Jenkins 2.314 and earlier, LTS 2.303.1 and earlier may interpret some paths to files as absolute on Windows. This results in a path traversal vulnerability allowing attackers with Overall/Read permission Windows controller o...

6.5CVSS6.5AI score0.02103EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/10/06 12:0 a.m.•6 views

Stored XSS vulnerability in git

git 4.8.2 and earlier does not escape the Git SHA-1 checksum parameters provided to commit notifications when displaying them in a build cause. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to submit crafted commit notifications to the...

7.5CVSS6.2AI score0.01197EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/08/31 12:0 a.m.•8 views

azure-ad allows bypassing CSRF protection for any URL

An extension point in Jenkins allows selectively disabling cross-site request forgery CSRF protection for specific URLs. azure-ad implements this extension point for URLs used by a JavaScript component. In azure-ad 179.vf6841393099e and earlier this implementation is too permissive, allowing...

8.8CVSS7.8AI score0.00683EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/08/31 12:0 a.m.•8 views

Password stored in plain text by nomad

nomad 0.7.4 and earlier stores the passwords to authenticate against the Docker registry unencrypted in the global config.xml file on the Jenkins controller as part of its worker templates configuration. These passwords can be viewed by users with access to the Jenkins controller file system. nom...

5.5CVSS5.7AI score0.003EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/08/31 12:0 a.m.•11 views

XXE vulnerability in nested-view

nested-view 1.20 and earlier does not configure its XML transformer to prevent XML external entity XXE attacks. This allows attackers able to configure views to have Jenkins parse a crafted view XML definition that uses external entities for extraction of secrets from the Jenkins controller or...

7.1CVSS7.1AI score0.01321EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/08/31 12:0 a.m.•6 views

RCE vulnerability in code-coverage-api

code-coverage-api 1.4.0 and earlier does not apply https://github.com/jenkinsci/jep/tree/master/jep/200JEP-200 deserialization protection to Java objects it deserializes from disk. This results in a remote code execution RCE vulnerability exploitable by attackers able to control agent processes...

8.8CVSS8.8AI score0.02213EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/08/31 12:0 a.m.•7 views

saml allows bypassing CSRF protection for any URL

An extension point in Jenkins allows selectively disabling cross-site request forgery CSRF protection for specific URLs. saml implements this extension point for the URL that users are redirected to after login. In saml 2.0.7 and earlier this implementation is too permissive, allowing attackers t...

8.8CVSS7.8AI score0.0081EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/06/30 12:0 a.m.•6 views

XXE vulnerability in seleniumhtmlreport

seleniumhtmlreport 1.0 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers with the ability to control the report files parsed using this plugin to have Jenkins parse a crafted report file that uses external entities for extraction of...

7.1CVSS5.2AI score0.42521EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/06/30 12:0 a.m.•6 views

Improper permission checks allow canceling queue items and aborting builds

Jenkins 2.299 and earlier, LTS 2.289.1 and earlier allows users to cancel queue items and abort builds of jobs for which they have Item/Cancel permission even when they do not have Item/Read permission. Jenkins 2.300, LTS 2.289.2 requires that users have Item/Read permission for applicable types ...

4.3CVSS5AI score0.01982EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/06/30 12:0 a.m.•8 views

Open redirect vulnerability in cas-plugin

cas-plugin 1.6.0 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins. This allows attackers to perform phishing attacks by having users go to a Jenkins URL that will forward them to a different site after successful authentication. cas-plugin 1.6....

6.1CVSS6AI score0.01584EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/06/30 12:0 a.m.•6 views

Missing permission check in requests allows viewing pending requests

requests 2.2.6 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to view the list of pending requests. requests 2.2.7 requires Overall/Administer permission to view the list of pending requests. NOTE: The previous sentence...

4.3CVSS5AI score0.0097EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/06/30 12:0 a.m.•6 views

CSRF vulnerabilities in requests

requests 2.2.12 and earlier does not require POST requests to request and apply changes, resulting in cross-site request forgery CSRF vulnerabilities. These vulnerabilities allow attackers to create requests and/or have administrators apply pending requests, like renaming or deleting jobs, deleti...

6.5CVSS6.5AI score0.01256EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/06/30 12:0 a.m.•6 views

Missing permission check in requests allows sending emails

requests 2.2.7 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to send test emails to an attacker-specified email address. requests 2.2.8 requires Overall/Administer permission to send test emails...

4.3CVSS5AI score0.01391EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/06/30 12:0 a.m.•6 views

Session fixation vulnerability

Jenkins 2.299 and earlier, LTS 2.289.1 and earlier does not invalidate the existing session on login. This allows attackers to use social engineering techniques to gain administrator access to Jenkins. This vulnerability was introduced in Jenkins 2.266 and LTS 2.277.1. Jenkins 2.300, LTS 2.289.2...

7.5CVSS7.2AI score0.01706EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/06/18 12:0 a.m.•6 views

XXE vulnerability in generic-webhook-trigger

generic-webhook-trigger 1.72 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers with the ability to call webhooks configured to extract parameters using XPath to have Jenkins parse a crafted XML request body that uses external entities...

9.8CVSS8.5AI score0.25746EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/06/16 12:0 a.m.•6 views

Stored XSS vulnerability in scriptler

scriptler 3.2 and earlier does not escape parameter names shown in job configuration forms. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Scriptler/Configure permission. scriptler 3.3 escapes parameter names shown in job configuration forms...

8CVSS5.3AI score0.75742EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/06/16 12:0 a.m.•6 views

Stored XSS vulnerability in scriptler

scriptler 3.1 and earlier does not escape script content. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Scriptler/Configure permission. scriptler 3.2 escapes script content...

8CVSS5.3AI score0.76016EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/06/10 12:0 a.m.•6 views

CSRF vulnerability and missing permission check in deployit-plugin allows capturing credentials

deployit-plugin 10.0.1 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing...

8.8CVSS6.2AI score0.01001EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/06/10 12:0 a.m.•7 views

Missing permission checks allow enumerating credentials IDs in kubernetes-cli

kubernetes-cli 1.10.0 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another...

4.3CVSS5.1AI score0.0164EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/06/10 12:0 a.m.•6 views

Missing permission check in deployit-plugin allows enumerating credentials IDs

deployit-plugin 10.0.1 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials usin...

4.3CVSS5.1AI score0.00949EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/06/10 12:0 a.m.•6 views

Reflected XSS vulnerability in kiuwanJenkinsPlugin

kiuwanJenkinsPlugin 1.6.0 and earlier does not escape output that can indirectly be controlled through query parameters in an error message for a form validation endpoint. This results in a reflected cross-site scripting XSS vulnerability. NOTE: Only older releases of Jenkins are affected by this...

8.8CVSS5.8AI score0.01216EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/05/25 12:0 a.m.•8 views

XXE vulnerability in fstrigger

fstrigger 0.40 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers with Job/Configure permission or otherwise able to control the contents of an XML file being polled for changes to have Jenkins parse a crafted XML document that uses...

8.8CVSS8AI score0.01596EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/05/25 12:0 a.m.•6 views

XXE vulnerability in urltrigger

urltrigger 0.48 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers with Job/Configure permission or otherwise able to control the contents of an URL to an XML document being examined for changes to have Jenkins parse a crafted XML...

8.1CVSS7.8AI score0.66774EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/05/25 12:0 a.m.•11 views

XXE vulnerability in nuget

nuget 1.0 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This XML parser is used for the "Build on NuGet updates" feature. This allows attackers with the ability to control the contents of the packages.config file in a workspace to have Jenkins parse a...

9.1CVSS8.4AI score0.01536EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/05/25 12:0 a.m.•6 views

XSS vulnerability in markdown-formatter

markdown-formatter 0.1.0 and earlier uses a Markdown library to parse Markdown that does not escape crafted link target URLs. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with the ability to edit any description rendered using the configured markup...

8CVSS5.4AI score0.01087EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/05/11 12:0 a.m.•6 views

Stored XSS vulnerability in dashboard-view

dashboard-view 2.15 and earlier does not escape URLs referenced in Image Dashboard Portlets. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with View/Configure permission. dashboard-view 2.16 does not render unsafe URLs. As part of this fix, the property...

8CVSS5.3AI score0.72678EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/05/11 12:0 a.m.•11 views

Missing permission check in s3

s3 0.11.6 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to obtain the list of configured profiles. s3 0.11.7 performs permission checks when providing a list of configured profiles...

4.3CVSS5AI score0.00733EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/05/11 12:0 a.m.•8 views

CSRF vulnerability and missing permission checks in p4

p4 1.11.4 and earlier does not perform permission checks in multiple HTTP endpoints implementing connection tests. This allows attackers with Overall/Read permission to connect to an attacker-specified Perforce server using attacker-specified username and password. Additionally, these HTTP...

7.1CVSS5.8AI score0.01301EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/05/11 12:0 a.m.•8 views

Reflected XSS vulnerability in credentials

credentials 2.3.18 and earlier does not escape user-controlled information on a view it provides. This results in a reflected cross-site scripting XSS vulnerability. credentials 2.3.19 restricts the user-controlled information it provides to a safe subset...

8.8CVSS5.8AI score0.11308EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/05/11 12:0 a.m.•7 views

Missing permission checks in s3 allow obtaining metadata about artifacts

s3 0.11.6 and earlier does not perform Run/Artifacts permission checks in various HTTP endpoints and API models. This allows attackers with Item/Read permission to obtain information about artifacts uploaded to S3, if the optional Run/Artifacts permission is enabled. s3 0.11.7 requires...

4.3CVSS5.1AI score0.00712EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/05/11 12:0 a.m.•7 views

CSRF vulnerability in xray-connector allows capturing credentials

xray-connector 2.4.0 and earlier does not require POST requests for a connection test method, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another...

7.1CVSS7AI score0.00642EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/05/11 12:0 a.m.•7 views

Missing permission check in xray-connector allows enumerating credentials IDs

xray-connector 2.4.0 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another vulnerability...

4.3CVSS5.1AI score0.00865EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/05/11 12:0 a.m.•6 views

XXE vulnerability in xcode-plugin

xcode-plugin 2.0.14 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control the input files for the Xcode build step to have Jenkins parse a crafted Xcode Workspace File that uses external entities for extraction of secrets...

7.1CVSS7.2AI score0.01511EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/04/21 12:0 a.m.•6 views

Missing permission check in electricflow allows scheduling builds

electricflow 1.1.21 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Item/Read permission to schedule builds of projects without having Item/Build permission. electricflow 1.1.22 requires Item/Build permission to schedule builds via its HTTP endpoint...

4.3CVSS5AI score0.01456EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/04/21 12:0 a.m.•7 views

XXE vulnerability in config-file-provider

config-file-provider 3.7.0 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers with the ability to define Maven configuration files to have Jenkins parse a crafted configuration file that uses external entities for extraction of secrets...

8.1CVSS7.8AI score0.3783EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/04/21 12:0 a.m.•6 views

CSRF vulnerability in config-file-provider allows deleting configuration files

config-file-provider 3.7.0 and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to delete configuration files corresponding to an attacker-specified ID. This is due to an incomplete fix o...

5.8CVSS6.1AI score0.01053EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/04/21 12:0 a.m.•6 views

Remote code execution vulnerability in templating-engine

templating-engine 2.1 and earlier does not protect its pipeline configurations using Script Security Plugin. This vulnerability allows attackers with Job/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM. templating-engine 2.2 integrates with Script...

8.8CVSS8.5AI score0.01749EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/04/21 12:0 a.m.•6 views

Incorrect permission checks in config-file-provider allow enumerating credentials IDs

config-file-provider 3.7.0 and earlier does not correctly perform permission checks in several HTTP endpoints. This allows attackers with global Job/Configure permission to enumerate system-scoped credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture...

6.5CVSS6.8AI score0.01082EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/04/21 12:0 a.m.•7 views

Missing permission checks in config-file-provider allow enumerating configuration file IDs

config-file-provider 3.7.0 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to enumerate configuration file IDs. An enumeration of configuration file IDs in config-file-provider 3.7.1 requires the appropriate permissions...

4.3CVSS5.5AI score0.00887EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2021/04/20 12:0 a.m.•6 views

Denial of service vulnerability in bundled Jetty

Jenkins bundles Winstone-Jetty, a wrapper around Jetty, to act as HTTP and servlet server when started using java -jar jenkins.war. This is how Jenkins is run when using any of the installers or packages, but not when run using servlet containers such as Tomcat. Jenkins 2.285 and earlier, LTS...

7.8CVSS6.8AI score0.53861EPSS
Exploits1Affected Software1
Total number of security vulnerabilities1464