Lucene search
K
JenkinsRecent

1464 matches found

Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/07/02 12:0 a.m.•8 views

Reflected XSS vulnerability in vncrecorder

vncrecorder 1.25 and earlier does not escape a parameter value in the checkVncServ form validation endpoint output. This results in a reflected cross-site scripting XSS vulnerability. vncrecorder 1.35 escapes the parameter value in the output...

6.1CVSS5.8AI score0.00871EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/07/02 12:0 a.m.•7 views

Reflected XSS vulnerability in vncviewer

vncviewer 1.7 and earlier does not escape a parameter value in the checkVncServ form validation endpoint output. This results in a reflected cross-site scripting XSS vulnerability. vncviewer 1.8 escapes the parameter value in the output...

6.1CVSS5.8AI score0.00871EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/07/02 12:0 a.m.•6 views

Password stored in plain text by TestComplete

TestComplete 2.4.1 and earlier stores a password unencrypted in job config.xml files as part of its configuration. This password can be viewed by users with Extended Read permission or access to the Jenkins controller file system. As of publication of this advisory, there is no fix...

4.3CVSS5.1AI score0.00691EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/07/02 12:0 a.m.•6 views

RCE vulnerability in ElasticBox Jenkins Kubernetes CI/CD

ElasticBox Jenkins Kubernetes CI/CD 1.3 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types. This results in a remote code execution RCE vulnerability exploitable by users able to provide YAML input files to ElasticBox Jenkins Kubernetes CI/CD's build...

8.8CVSS8.9AI score0.02282EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/07/02 12:0 a.m.•6 views

CSRF vulnerability and missing permission checks in fortify-on-demand-uploader

fortify-on-demand-uploader 5.0.1 and earlier does not perform permission checks on a method implementing form validation. This allows users with Overall/Read access to Jenkins to connect to the globally configured Fortify on Demand endpoint using attacker-specified credentials IDs obtained throug...

5.5CVSS5AI score0.00665EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/07/02 12:0 a.m.•7 views

Stored XSS vulnerability in sonargraph-integration

sonargraph-integration 3.0.0 and earlier does not escape the file path for the Log file field form validation. This results in a stored cross-site scripting XSS vulnerability that can be exploited by users with Job/Configure permission. sonargraph-integration 3.0.1 escapes the affected part of th...

5.4CVSS5.3AI score0.00735EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/07/02 12:0 a.m.•8 views

Passwords transmitted in plain text by StashBranchParameter

StashBranchParameter stores Stash API passwords in its global configuration file org.jenkinsci.plugins.StashBranchParameter.StashBranchParameterDefinition.xml on the Jenkins controller as part of its configuration. While the password is stored encrypted on disk, it is transmitted in plain text as...

4.3CVSS4.8AI score0.00657EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/07/02 12:0 a.m.•6 views

Secret stored in plain text by github-coverage-reporter

github-coverage-reporter 1.8 and earlier stores a GitHub access token in plain text in its global configuration file io.jenkins.plugins.gcr.PluginConfiguration.xml. This token can be viewed by users with access to the Jenkins controller file system. As of publication of this advisory, there is no...

4.3CVSS5.1AI score0.00691EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/07/02 12:0 a.m.•8 views

Secret stored in plain text by slack-uploader

slack-uploader 1.7 and earlier stores a secret unencrypted in job config.xml files as part of its configuration. This secret can be viewed by users with Extended Read permission or access to the Jenkins controller file system. As of publication of this advisory, there is no fix...

4.3CVSS5.1AI score0.00691EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/07/02 12:0 a.m.•9 views

Stored XSS vulnerability in vncrecorder

vncrecorder 1.25 and earlier does not escape a tool path in the checkVncServ form validation endpoint accessed e.g. via job configuration forms. This results in a stored cross-site scripting XSS vulnerability exploitable by Jenkins administrators. vncrecorder 1.35 escapes the tool path...

4.8CVSS4.9AI score0.00702EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/06/03 12:0 a.m.•8 views

Missing permission check in project-inheritance

Jenkins limits access to job configuration XML data config.xml to users with Job/ExtendedRead permission, typically implied by Job/Configure permission. project-inheritance has several job inspection features, including the API URL /job/.../getConfigAsXML for its Inheritance Project job type that...

6.5CVSS5.5AI score0.00798EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/06/03 12:0 a.m.•8 views

XSS vulnerability in svn-partial-release-mgr

svn-partial-release-mgr 1.0.1 and earlier does not escape the error message for the repository URL field form validation. This results in a reflected cross-site scripting XSS vulnerability that can also be exploited similar to a stored cross-site scripting vulnerability by users with Job/Configur...

6.1CVSS5.8AI score0.06189EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/06/03 12:0 a.m.•7 views

Stored XSS vulnerability in script-security

script-security 1.72 and earlier does not correctly escape pending or approved classpath entries on the In-process Script Approval page. This results in a stored cross-site scripting XSS vulnerability exploitable by users able to configure sandboxed scripts. script-security 1.73 escapes pending a...

5.4CVSS5.3AI score0.0076EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/06/03 12:0 a.m.•9 views

Complete lack of CSRF protection in selenium can lead to OS command injection

selenium 3.141.59 and earlier has no CSRF protection for its HTTP endpoints. This allows attackers to perform the following actions: Restart the Selenium Grid hub. Delete or replace the plugin configuration. Start, stop, or restart Selenium configurations on specific nodes. Through carefully chos...

8CVSS7.6AI score0.00937EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/06/03 12:0 a.m.•7 views

Stored XSS vulnerability in compact-columns

compact-columns 1.11 and earlier displays the unprocessed job description in tooltips. This results in a stored cross-site scripting vulnerability that can be exploited by users with Job/Configure permission. compact-columns 1.12 applies the configured markup formatter to the job description show...

5.4CVSS5.3AI score0.00735EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/06/03 12:0 a.m.•6 views

Stored XSS vulnerability in echarts-api

echarts-api 4.7.0-3 and earlier does not escape the parser identifier when rendering charts. This results in a stored cross-site scripting XSS vulnerability that can be exploited by users with Job/Configure permission. echarts-api 4.7.0-4 escapes the parser identifier...

5.4CVSS5.3AI score0.00735EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/06/03 12:0 a.m.•5 views

Stored XSS vulnerability in echarts-api

echarts-api 4.7.0-3 and earlier does not escape the display name of the builds in the trend chart. This results in a stored cross-site scripting XSS vulnerability that can be exploited by users with Run/Update permission. echarts-api 4.7.0-4 escapes the display name...

5.4CVSS5.3AI score0.00735EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/06/03 12:0 a.m.•7 views

OS command injection vulnerability in Play Framework

A form validation endpoint in Play Framework executes the play command to validate a given input file. Play Framework 1.0.2 and earlier lets users specify the path to the play command on the Jenkins controller. This results in an OS command injection vulnerability exploitable by users able to sto...

8.8CVSS8AI score0.02422EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/06/03 12:0 a.m.•10 views

CSRF vulnerability and improper permission checks in swarm

swarm adds API endpoints to add or remove agent labels. In swarm 3.20 and earlier these only require a global Swarm secret to use, and no regular permission check is performed. This allows users with Agent/Create permission to add or remove labels of any agent. Additionally, these API endpoints d...

6.5CVSS5.5AI score0.00656EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/05/06 12:0 a.m.•7 views

Improper permission checks in copyartifact

copyartifact 1.43.1 and earlier performs improper permission checks when determining whether a build can copy artifacts from another project build. This allows attackers, usually with Job/Configure permission, to configure jobs to copy artifacts from jobs they have no permission to access...

6.5CVSS6AI score0.00852EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/05/06 12:0 a.m.•11 views

RCE vulnerability in scm-filter-jervis

scm-filter-jervis 0.2.1 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types. This results in a remote code execution RCE vulnerability exploitable by users able to configure jobs with the filter, or control the contents of a previously configured job's S...

8.8CVSS8.9AI score0.02282EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/05/06 12:0 a.m.•7 views

CSRF vulnerability in cvs

cvs 2.15 and earlier does not require POST requests in several HTTP endpoints, resulting in cross-site request forgery CSRF vulnerabilities. This allows attackers to create and manipulate tags, and to connect to an attacker-specified URL. cvs 2.16 now requires POST requests for the affected HTTP...

4.3CVSS5AI score0.44464EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/05/06 12:0 a.m.•7 views

Lack of SSL/TLS certificate and hostname validation in ec2

ec2 connects to Windows agents via HTTPS. ec2 1.50.1 and earlier unconditionally accepts self-signed HTTPS certificates and does not perform hostname validation when connecting to Windows agents. This lack of validation could be abused using a man-in-the-middle attack to intercept these connectio...

6.8CVSS5.8AI score0.00411EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/05/06 12:0 a.m.•7 views

Users with Overall/Read access can enumerate credentials IDs in ec2

ec2 provides a list of applicable credentials IDs to allow users configuring the plugin to select the one to use. This functionality does not correctly check permissions in ec2 1.50.1 and earlier, allowing any user with Overall/Read permission to get a list of valid credentials IDs. Those can be...

4.3CVSS5AI score0.00647EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/05/06 12:0 a.m.•6 views

Improper masking of some secrets in credentials-binding

credentials-binding allows specifying passwords and other secrets as environment variables, and will hide them from console output in builds. As a side effect of the fix for SECURITY-698, $ characters in secrets are escaped to $$. This will then be expanded to $ again once the secret is passed to...

4.3CVSS5.4AI score0.00881EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/05/06 12:0 a.m.•6 views

Secrets are not masked by credentials-binding in builds without build steps

credentials-binding 1.22 and earlier does not mask i.e., replace with asterisks secrets in the build log when the build contains no build steps. credentials-binding 1.23 now masks secrets when the build contains no build steps...

6.5CVSS6.3AI score0.01087EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/05/06 12:0 a.m.•10 views

CSRF vulnerability in ec2

ec2 1.50.1 and earlier does not require POST requests in several HTTP endpoints, resulting in cross-site request forgery CSRF vulnerabilities. This allows an attacker to provision instances with an attacker-specified template ID. ec2 1.50.2 now requires POST requests for the affected HTTP endpoin...

4.3CVSS4.9AI score0.00636EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/05/06 12:0 a.m.•6 views

Missing SSH host key validation in ec2

ec2 1.50.1 and earlier does not use SSH host key validation when connecting to agents. This lack of validation could be abused using a man-in-the-middle attack to intercept these connections to build agents. ec2 1.50.2 provides strategies for performing host key validation for administrators to...

6.8CVSS5.8AI score0.00694EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/04/16 12:0 a.m.•7 views

XXE vulnerability in parasoft-findings

parasoft-findings implements a static analysis parser for various Parasoft products and integrates with Warnings Plugin 10.4.1 and earlier and Warnings NG Plugin 10.4.2 and newer. parasoft-findings 10.4.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. Th...

7.1CVSS7.5AI score0.00877EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/04/16 12:0 a.m.•8 views

RCE vulnerability in aws-sam

aws-sam 1.2.2 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types. This results in a remote code execution RCE vulnerability exploitable by users able to configure a job or control the contents of a previously configured "AWS SAM deploy application" buil...

8.8CVSS8.9AI score0.02282EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/04/16 12:0 a.m.•6 views

RCE vulnerability in yaml-axis

yaml-axis 0.2.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types. This results in a remote code execution RCE vulnerability exploitable by users able to configure a multi-configuration Matrix job, or control the contents of a previously configured job...

8.8CVSS8.9AI score0.02867EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/04/16 12:0 a.m.•6 views

Credentials stored in plain text by copr

copr 0.3 and earlier stores credentials unencrypted in job config.xml files as part of its configuration. These credentials can be viewed by users with Extended Read permission or access to the Jenkins controller file system. copr 0.6.1 stores these credentials encrypted. This change is effective...

4.3CVSS5.1AI score0.00501EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/04/07 12:0 a.m.•8 views

XSS vulnerability in gatling

gatling 1.2.7 and earlier serves Gatling reports in a manner that bypasses the Content-Security-Policy protection introduced in Jenkins 1.641 and 1.625.3. This results in a cross-site scripting XSS vulnerability exploitable by users able to change report content. gatling 1.3.0 no longer allows...

6.1CVSS5.5AI score0.00705EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/04/07 12:0 a.m.•11 views

XXE vulnerability in code-coverage-api

code-coverage-api 1.1.4 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows a user able to control the input files for the "Publish Coverage Report" post-build step to have Jenkins parse a crafted file that uses external entities for extraction of...

7.1CVSS6.8AI score0.01067EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/04/07 12:0 a.m.•6 views

Reflected XSS vulnerability in awseb-deployment-plugin

awseb-deployment-plugin 0.3.19 and earlier does not escape various values printed as part of form validation output. This results in a reflected cross-site scripting XSS vulnerability. awseb-deployment-plugin 0.3.20 escapes the values printed as part of the affected form validation endpoints...

6.1CVSS5.8AI score0.00816EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/04/07 12:0 a.m.•8 views

Stored XSS vulnerability in fitnesse

fitnesse 1.31 and earlier does not correctly escape report contents before showing them on the Jenkins UI. This results in a stored cross-site scripting XSS vulnerability exploitable by users able to control the XML input files processed by the plugin. fitnesse 1.33 escapes content from XML input...

5.4CVSS5.4AI score0.00705EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/04/07 12:0 a.m.•10 views

XSS vulnerability in usemango-runner

Multiple form validation endpoints in usemango-runner 1.4 and earlier do not escape values received from the useMango service. This results in a cross-site scripting XSS vulnerability exploitable by users able to control the values returned from the useMango service. usemango-runner 1.5 escapes a...

5.4CVSS5.4AI score0.00705EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/03/25 12:0 a.m.•6 views

Passwords transmitted in plain text by artifactory

artifactory stores Artifactory server passwords in its global configuration file org.jfrog.hudson.ArtifactoryBuilder.xml on the Jenkins controller as part of its configuration. While the password is stored encrypted on disk since artifactory 3.6.0, it is transmitted in plain text as part of the...

7.5CVSS7AI score0.01086EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/03/25 12:0 a.m.•8 views

Reflected XSS vulnerability in queue-cleanup

A form validation HTTP endpoint in queue-cleanup 1.3 and earlier does not escape a query parameter displayed in an error message. This results in a reflected cross-site scripting vulnerability XSS. queue-cleanup 1.4 correctly escapes the query parameter...

6.1CVSS5.8AI score0.0104EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/03/25 12:0 a.m.•24 views

CSRF protection for any URL could be bypassed

An extension point in Jenkins allows selectively disabling cross-site request forgery CSRF protection for specific URLs. Implementations of that extension point received a different representation of the URL path than the Stapler web framework uses to dispatch requests in Jenkins 2.227 and earlie...

8.8CVSS7.8AI score0.01993EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/03/25 12:0 a.m.•6 views

Stored XSS vulnerability in file parameters

Jenkins 2.227 and earlier, LTS 2.204.5 and earlier served files uploaded as file parameters to a build without specifying appropriate Content-Security-Policy HTTP headers. This resulted in a stored cross-site scripting XSS vulnerability exploitable by users with permissions to build a job with fi...

5.4CVSS5.4AI score0.01159EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/03/25 12:0 a.m.•8 views

Stored XSS vulnerability in list view column headers

Jenkins 2.227 and earlier, LTS 2.204.5 and earlier processed HTML embedded in list view column headers. This resulted in a stored cross-site scripting XSS vulnerability exploitable by users able to control the content of column headers. The following plugins are known to allow users to define...

5.4CVSS5.3AI score0.01159EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/03/25 12:0 a.m.•6 views

RCE vulnerability in openshift-pipeline

openshift-pipeline 1.0.56 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types. This results in a remote code execution RCE vulnerability exploitable by users able to provide YAML input files to openshift-pipeline's build step. openshift-pipeline 1.0.57...

8.8CVSS8.9AI score0.02077EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/03/25 12:0 a.m.•6 views

Stored XSS vulnerability in label expression validation

Users with Agent/Configure permissions can define labels for nodes. These labels can be referenced in job configurations to restrict where a job can be run. In Jenkins 2.227 and earlier, LTS 2.204.5 and earlier, the form validation for label expressions in job configuration forms did not properly...

5.4CVSS5.3AI score0.01237EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/03/25 12:0 a.m.•7 views

Passwords stored in plain text by Artifactory Plugin

Artifactory Plugin 3.5.0 and earlier stores its Artifactory server password in plain text in the global configuration file org.jfrog.hudson.ArtifactoryBuilder.xml. This password can be viewed by users with access to the Jenkins controller file system. Artifactory Plugin 3.6.0 now stores the...

6.5CVSS6.4AI score0.00805EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/03/25 12:0 a.m.•16 views

Stored XSS vulnerability in rapiddeploy-jenkins

rapiddeploy-jenkins 4.2 and earlier does not escape package names in its displayed table of packages obtained from a remote server. This results in a stored cross-site scripting XSS vulnerability exploitable by users able to configure jobs. rapiddeploy-jenkins 4.2.1 escapes package names...

5.4CVSS5.4AI score0.00735EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/03/25 12:0 a.m.•6 views

XXE vulnerability in rapiddeploy-jenkins

rapiddeploy-jenkins 4.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows a user able to control the input files for the 'RapidDeploy deployment package build' build or post-build step to have Jenkins parse a crafted file that uses external...

8.8CVSS8.1AI score0.0115EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/03/25 12:0 a.m.•6 views

RCE vulnerability in azure-acs

azure-acs 1.0.1 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types. This results in a remote code execution RCE vulnerability exploitable by users able to provide YAML input files to azure-acs's build step. azure-acs 1.0.2 configures its YAML parser to...

8.8CVSS8.9AI score0.01957EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/03/25 12:0 a.m.•6 views

RCE vulnerability in pipeline-aws

pipeline-aws 1.40 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types. This results in a remote code execution RCE vulnerability exploitable by users able to provide YAML input files to pipeline-aws's build steps. pipeline-aws 1.41 configures its YAML...

8.8CVSS8.9AI score0.02034EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2020/03/09 12:0 a.m.•9 views

Stored XSS vulnerability in timestamper

timestamper 1.11.1 and earlier does not escape or sanitize the HTML formatting used to display the timestamps in console output for builds. This results in a stored cross-site scripting vulnerability that can be exploited by users with Overall/Administer permission. timestamper 1.11.2 sanitizes t...

4.8CVSS4.9AI score0.00702EPSS
Exploits0Affected Software1
Total number of security vulnerabilities1464