Lucene search
K
JenkinsRecent

1464 matches found

Jenkins Security Advisories
Jenkins Security Advisories
added 2019/07/17 12:0 a.m.7 views

CSRF protection tokens did not expire

By default, CSRF tokens in Jenkins only checked user authentication and IP address. This allowed attackers able to obtain a CSRF token for another user to implement CSRF attacks as long as the victim's IP address remained unchanged. CSRF tokens will now also check the web session ID to confirm th...

7.5CVSS7AI score0.01502EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/07/17 12:0 a.m.6 views

Unauthorized view fragment access

Jenkins uses the Stapler web framework to render its UI views. These views are frequently composed of several view fragments, enabling plugins to extend existing views with more content. In some cases attackers could directly access a view fragment containing sensitive information, bypassing any...

4.3CVSS6AI score0.01647EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/07/11 12:0 a.m.7 views

CSRF vulnerability and missing permission check in docker-plugin allowed capturing credentials

docker-plugin did not perform permission checks on a method implementing form validation. This allowed users with Overall/Read access to Jenkins to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkin...

8.8CVSS6.9AI score0.01691EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/07/11 12:0 a.m.7 views

Users with Overall/Read access could enumerate credential IDs in docker-plugin

docker-plugin provides a list of applicable credential IDs to allow users configuring the plugin to select the one to use. This functionality did not correctly check permissions, allowing any user with Overall/Read permission to get a list of valid credentials IDs. Those could be used as part of ...

4.3CVSS5.1AI score0.01361EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/07/11 12:0 a.m.20 views

gogs-webhook stored credentials in plain text

gogs-webhook stored credentials unencrypted in job config.xml files on the Jenkins controller. These credentials could be viewed by users with Extended Read permission, or access to the Jenkins controller file system. gogs-webhook now stores credentials encrypted...

8.8CVSS5.6AI score0.01668EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/07/11 12:0 a.m.8 views

Reflected XSS vulnerability in embeddable-build-status

embeddable-build-status did not sanitize arguments provided in the query string, resulting in a reflected cross-site scripting vulnerability. Arguments are now sanitized...

6.1CVSS5.9AI score0.01693EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/07/11 12:0 a.m.9 views

mashup-portlets-plugin stored credentials in plain text

mashup-portlets-plugin stored SonarQube credentials unencrypted on the Jenkins controller. These credentials could be viewed by users with access to the Jenkins controller file system. mashup-portlets-plugin now stores these credentials encrypted...

8.8CVSS8AI score0.01832EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/07/11 12:0 a.m.6 views

Stored XSS vulnerability in depgraph-view

depgraph-view does not correctly escape the Display Name value for jobs in Jenkins, resulting in a stored cross-site scripting vulnerability. As of publication of this advisory, there is no fix...

5.4CVSS5.3AI score0.03885EPSS
Exploits5Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/07/11 12:0 a.m.11 views

port-allocator stores credentials in plain text

port-allocator stores credentials unencrypted in job config.xml files on the Jenkins controller. These credentials can be viewed by users with Extended Read permission, or access to the Jenkins controller file system. As of publication of this advisory, there is no fix...

8.8CVSS5.6AI score0.01668EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/07/11 12:0 a.m.6 views

caliper-ci stores credentials in plain text

caliper-ci stores credentials unencrypted in job config.xml files on the Jenkins controller. These credentials can be viewed by users with Extended Read permission, or access to the Jenkins controller file system. As of publication of this advisory, there is no fix...

8.8CVSS5.6AI score0.01632EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/06/11 12:0 a.m.7 views

XSS vulnerability in build metadata contributed by electricflow

The plugin adds metadata displayed on build pages during its operations. Any user content was not escaped, resulting in a cross-site scripting vulnerability allowing users with Job/Configure permission, or attackers controlling API responses received from ElectricFlow to render arbitrary HTML and...

5.4CVSS5.5AI score0.01133EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/06/11 12:0 a.m.8 views

CSRF vulnerability and missing permission check in jx-resources

jx-resources did not perform permission checks on a method implementing form validation. This allowed users with Overall/Read access to Jenkins to connect to an attacker-specified Kubernetes server and obtain information about an attacker-specified namespace. Doing so might also leak service...

8.8CVSS6.8AI score0.01832EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/06/11 12:0 a.m.7 views

Missing permission checks in electricflow

Various form validation and form autocompletion methods in electricflow lacked permission checks. This allowed attackers with Overall/Read access to obtain information about the configuration of electricflow, as well as the configuration and data of connected ElectricFlow servers. These form...

4.3CVSS5AI score0.01353EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/06/11 12:0 a.m.8 views

electricflow globally and unconditionally disabled SSL/TLS certificate validation

electricflow unconditionally disabled SSL/TLS certificate validation for the entire Jenkins controller JVM during the deployment/publication of an application. electricflow no longer does that. Instead, the existing opt-in option to ignore SSL/TLS errors is used during deployment for the specific...

6.5CVSS6.4AI score0.01303EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/06/11 12:0 a.m.7 views

XSS vulnerability in electricflow affecting job configuration forms

The configuration forms of various post-build steps contributed by electricflow were vulnerable to cross-site scripting. This allowed attackers able to control the output of connected ElectricFlow servers' APIs to inject arbitrary HTML and JavaScript into the configuration form. electricflow no...

6.1CVSS5.6AI score0.01375EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/06/11 12:0 a.m.6 views

XML External Entity processing vulnerability in token-macro

token-macro did not configure its XML parser in a way that would prevent XML External Entity XXE processing. This allowed attackers able to control the contents of files processed with the $XML macro to have Jenkins parse a maliciously crafted XML file that uses external entities for extraction o...

7.5CVSS7.1AI score0.01999EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/06/11 12:0 a.m.8 views

CSRF vulnerability and missing permission checks in electricflow allowed SSRF

A missing permission check in a form validation method in electricflow allowed users with Overall/Read permission to initiate a connection test to an attacker-specified server with attacker-specified username and password. Additionally, the form validation method did not require POST requests,...

4.3CVSS4.9AI score0.01829EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/05/31 12:0 a.m.7 views

Users with Overall/Read access could enumerate credential IDs in artifactory

artifactory provides a list of applicable credential IDs to allow users configuring the plugin to select the one to use. This functionality does not correctly check permissions, allowing any user with Overall/Read permission to get a list of valid credentials IDs. Those can be used as part of an...

4.3CVSS5AI score0.01876EPSS
Exploits1Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/05/31 12:0 a.m.5 views

Unsafe entry in Script Security list of approved signatures in workflow-remote-loader

workflow-remote-loader provides a custom list of pre-approved signatures for Script Security. Those entries apply to all scripts with sandbox protection, such as Pipeline. One entry provided here was unsafe, as it allowed invoking arbitrary methods, bypassing sandbox protection. The unsafe...

9.9CVSS6.8AI score0.01938EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/05/31 12:0 a.m.7 views

CSRF vulnerability and missing permission check in artifactory allow capturing credentials

artifactory does not perform permission checks on a method implementing form validation. This allows users with Overall/Read access to Jenkins to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

6.5CVSS5AI score0.01825EPSS
Exploits1Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/05/31 12:0 a.m.7 views

Persisted XSS vulnerability in warnings-ng

warnings-ng rendered the name of a custom warnings parser unescaped on Jenkins web pages. This allowed attackers with Job/Configure permission to define a custom parser whose name included HTML and JavaScript, resulting in a persisted cross-site scripting vulnerability. warnings-ng now properly...

5.4CVSS5.4AI score0.01097EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/05/31 12:0 a.m.6 views

XML External Entity processing vulnerability in pipeline-maven

pipeline-maven did not configure its XML parser in a way that would prevent XML External Entity XXE processing. This allowed attackers able to control the contents of a temporary directory on the agent that the Maven build is executing on to have Jenkins parse a maliciously crafted XML file that...

8.1CVSS7.9AI score0.01467EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/05/31 12:0 a.m.6 views

influxdb stored credentials in plain text

influxdb stored target passwords unencrypted in its global configuration file on the Jenkins controller. These credentials could be viewed by users with access to the Jenkins controller file system. influxdb now stores its passwords encrypted...

8.8CVSS7.9AI score0.01763EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/05/31 12:0 a.m.7 views

CSRF vulnerability in artifactory

artifactory implements a number of API endpoints allowing users to trigger various actions related to releasing and promotion. These endpoints do not require POST requests, resulting in a cross-site request forgery vulnerability. As of publication of this advisory, no release containing a fix is...

6.5CVSS6.3AI score0.00751EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/05/31 12:0 a.m.6 views

CSRF vulnerability in warnings-ng

warnings-ng did not require that requests sent to the endpoint used to reset warning counts use POST. This resulted in a cross-site request forgery vulnerability that allows attackers to reset warning counts for future builds. warnings-ng now requires that these requests be sent via POST...

4.3CVSS4.9AI score0.0103EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/05/31 12:0 a.m.8 views

Improper handling of untrusted branches in gitea

Multibranch pipelines are typically configured so that only committers to the repository are able to effectively propose changes to Jenkinsfiles. Changes to Jenkinsfiles in pull requests created by other users would not be trusted, and the target branch's Jenkinsfile content is used instead. gite...

7.5CVSS7.3AI score0.02135EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/05/21 12:0 a.m.7 views

Missing permission check allowed obtaining limited information about system configuration in pam-auth

A missing permission check in pam-auth allowed users with Overall/Read permission to invoke a form validation method to obtain limited information about the file /etc/shadow on systems with that file present, as well as the system user the Jenkins process is running as. Depending on configuration...

4.3CVSS5.1AI score0.00786EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/05/21 12:0 a.m.7 views

Certificate file read vulnerability in credentials

Credentials Plugin allowed the creation of Certificate credentials from a PKCS12 file on the Jenkins controller. Users with permission to create or update credentials could use the associated form validation to confirm the existence of files with an attacker-specified path. Additionally, they cou...

4.3CVSS5.6AI score0.00969EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/04/30 12:0 a.m.6 views

twitter stores credentials in plain text

twitter stores credentials unencrypted in its global configuration file on the Jenkins controller. These credentials could be viewed by users with access to the Jenkins controller file system. As of publication of this advisory, there is no fix...

8.8CVSS6.2AI score0.01832EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/04/30 12:0 a.m.5 views

CSRF vulnerability in OAuth callback in github-oauth

github-oauth did not manage the state parameter of OAuth to prevent CSRF. This allowed an attacker to catch the redirect URL provided during the authentication process using OAuth and send it to the victim. If the victim was already connected to Jenkins, their Jenkins account would be attached to...

8.8CVSS6.7AI score0.02125EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/04/30 12:0 a.m.11 views

sitemonitor globally and unconditionally disables SSL/TLS certificate validation

sitemonitor unconditionally disables SSL/TLS certificate validation for the entire Jenkins controller JVM. sitemonitor no longer does that. Instead, it now has an opt-in option to ignore SSL/TLS errors for each site check individually...

6.5CVSS6AI score0.01458EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/04/30 12:0 a.m.6 views

CSRF vulnerability and missing permission check in ansible-tower allowed capturing credentials

ansible-tower did not perform permission checks on a method implementing form validation. This allowed users with Overall/Read access to Jenkins to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkin...

8.8CVSS6.5AI score0.01832EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/04/30 12:0 a.m.6 views

XXE vulnerability via UDP broadcast response in swarm client

swarm allows clients to auto-discover Jenkins instances on the same network through a UDP discovery request. Responses to this request are XML documents. swarm does not configure the XML parser in a way that would prevent XML External Entity XXE processing. This allows unauthenticated attackers o...

9.3CVSS7.8AI score0.01794EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/04/30 12:0 a.m.6 views

Users with Overall/Read access are able to enumerate credential IDs in ansible-tower

ansible-tower provides a list of applicable credential IDs to allow users configuring the plugin to select the one to use. This functionality did not check permissions, allowing any user with Overall/Read permission to get a list of valid credentials IDs. Those could be used as part of an attack ...

4.3CVSS5.1AI score0.01361EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/04/30 12:0 a.m.7 views

azure-ad stored credentials in plain text

azure-ad stored the client secret unencrypted in the global config.xml configuration file on the Jenkins controller. These credentials could be viewed by users with access to the Jenkins controller file system. azure-ad now stores the client secret encrypted...

8.8CVSS6.2AI score0.01832EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/04/30 12:0 a.m.7 views

koji globally and unconditionally disables SSL/TLS certificate validation

koji unconditionally disables SSL/TLS certificate validation for the entire Jenkins controller JVM. As of publication of this advisory, there is no fix...

6.5CVSS6.1AI score0.01489EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/04/30 12:0 a.m.7 views

aqua-microscanner stored credentials in plain text

aqua-microscanner stored credentials unencrypted in its global configuration file on the Jenkins controller. These credentials could be viewed by users with access to the Jenkins controller file system. aqua-microscanner now stores credentials encrypted...

8.8CVSS6.2AI score0.01832EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/04/30 12:0 a.m.9 views

CSRF vulnerability and missing permission check allowed changing default graph configuration in analysis-core

analysis-core has the capability to allow other plugins to display trend graphs for their static analysis results. analysis-core provides the configuration form for the default settings of each graph. The configuration form and form submission handler did not perform a permission check, allowing...

6.5CVSS5.7AI score0.01536EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/04/17 12:0 a.m.9 views

jira-ext stored credentials in plain text

jira-ext stored credentials unencrypted in its global configuration file hudson.plugins.jira.JiraProjectProperty.xml on the Jenkins controller. These credentials could be viewed by users with access to the Jenkins controller file system. jira-ext now stores credentials encrypted...

8.8CVSS8AI score0.01373EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/04/17 12:0 a.m.7 views

azure-publishersettings-credentials stored credentials in plain text

azure-publishersettings-credentials stored the service management certificate unencrypted in credentials.xml on the Jenkins controller. These credentials could be viewed by users with access to the Jenkins controller file system. azure-publishersettings-credentials has been deprecated...

8.8CVSS6.2AI score0.01373EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/04/17 12:0 a.m.7 views

Sandbox bypass in ontrack

ontrack supports sandboxed Groovy expressions. Its sandbox protection could be circumvented during parsing, compilation, and script instantiation by providing a crafted Groovy script. This allowed users able to control the plugin’s job-specific configuration to bypass the sandbox protection and...

9.9CVSS8.8AI score0.02393EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/04/17 12:0 a.m.7 views

CSRF vulnerability and missing permission checks in gitlab-plugin allowed capturing credentials

gitlab-plugin did not perform permission checks on a method implementing form validation. This allowed users with Overall/Read access to Jenkins to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkin...

8.8CVSS7.5AI score0.01373EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/04/17 12:0 a.m.8 views

CSRF vulnerability and missing permission check in deployit-plugin

A missing permission check in a form validation method in deployit-plugin allows users with Overall/Read permission to initiate a connection test to an attacker-specified server with attacker-specified credentials. Additionally, the form validation method does not require POST requests, resulting...

6.5CVSS5.8AI score0.01051EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/04/10 12:0 a.m.14 views

Jenkins accepted cached legacy CLI authentication

The fix for SECURITY-901 in Jenkins 2.150.2 and 2.160 did not reject existing remoting-based CLI authentication caches. This means that users who cached their CLI authentication before Jenkins was updated to 2.150.2 and newer, or 2.160 and newer, would remain authenticated. Support for the...

8.1CVSS6.5AI score0.02111EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/04/10 12:0 a.m.6 views

XSS vulnerability in form validation button

The f:validateButton form control for the Jenkins UI did not properly escape job URLs. This resulted in a cross-site scripting XSS vulnerability exploitable by users with the ability to control job names. The affected form control has been rewritten to no longer need to escape job URLs...

5.4CVSS6AI score0.01346EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/04/03 12:0 a.m.6 views

CSRF vulnerability and missing permission check in nomad allow SSRF

A missing permission check in a form validation method in nomad allows users with Overall/Read permission to initiate a connection test to an attacker-specified URL. Additionally, the form validation method does not require POST requests, resulting in a CSRF vulnerability...

6.5CVSS6.3AI score0.01536EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/04/03 12:0 a.m.7 views

CSRF vulnerability and missing permission check in sinatra-chef-builder allow SSRF

A missing permission check in a form validation method in sinatra-chef-builder allows users with Overall/Read permission to initiate a connection test to an attacker-specified server. Additionally, the form validation method does not require POST requests, resulting in a CSRF vulnerability...

6.5CVSS6.3AI score0.01536EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/04/03 12:0 a.m.9 views

CSRF vulnerability and missing permission check in labmanager

A missing permission check in a form validation method in labmanager allows users with Overall/Read permission to initiate a Lab Manager connection test to an attacker-specified server with attacker-specified credentials and settings. Additionally, the form validation method does not require POST...

6.5CVSS6.4AI score0.01536EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/04/03 12:0 a.m.8 views

CSRF vulnerability and missing permission check in openshift-deployer

A missing permission check in a form validation method in openshift-deployer allows users with Overall/Read permission to initiate a connection test to an attacker-specified server with attacker-specified credentials. Additionally, the form validation method does not require POST requests,...

6.5CVSS6.4AI score0.01536EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2019/04/03 12:0 a.m.6 views

CSRF vulnerability and missing permission check in gearman-plugin

A missing permission check in a form validation method in gearman-plugin allows users with Overall/Read permission to initiate a connection test to an attacker-specified server. Additionally, the form validation method does not require POST requests, resulting in a CSRF vulnerability...

6.5CVSS6.3AI score0.01486EPSS
Exploits0Affected Software1
Total number of security vulnerabilities1464