Lucene search
K
JenkinsRecent

1464 matches found

Jenkins Security Advisories
Jenkins Security Advisories
added 2018/06/04 12:0 a.m.10 views

Server-side request forgery vulnerability in GitHub Branch Source Plugin

A form validation method in GitHub Branch Source Plugin did not check the permission of the user accessing them, allowing anyone with Overall/Read access to Jenkins to cause Jenkins to send a GET request to a specified URL. Additionally, this form validation method did not require POST requests,...

5CVSS5.1AI score0.00642EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/06/04 12:0 a.m.29 views

CSRF vulnerability and missing permission checks in GitHub Pull Request Builder Plugin allowed server-side request forgery, capturing credentials

GitHub Pull Request Builder Plugin did not perform permission checks on methods implementing form validation. This allowed users with Overall/Read access to Jenkins to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing...

6.5CVSS5.9AI score0.00988EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/06/04 12:0 a.m.9 views

CSRF vulnerability and missing permission checks in AbsInt Astrée Plugin allowed launching programs on the Jenkins controller

AbsInt Astrée Plugin did not perform permission checks on a method implementing form validation. This allowed users with Overall/Read access to Jenkins to run a user-specified program on the Jenkins controller. Additionally, this form validation method did not require POST requests, resulting in ...

8.8CVSS8AI score0.02021EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/06/04 12:0 a.m.9 views

CSRF vulnerability and missing permission checks in Black Duck Detect Plugin allowed server-side request forgery, capturing credentials

Black Duck Detect Plugin did not perform permission checks on methods implementing form validation. This allowed users with Overall/Read access to Jenkins to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored...

6.5CVSS6.5AI score0.00988EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/06/04 12:0 a.m.6 views

Server-side request forgery vulnerability in CAS Plugin

A form validation method in GitHub Branch Source Plugin did not check the permission of the user accessing them, allowing anyone with Overall/Read access to Jenkins to cause Jenkins to send a GET request to a specified URL. Additionally, this form validation method did not require POST requests,...

5.5CVSS5.7AI score0.00608EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/05/09 12:0 a.m.8 views

Persisted cross-site scripting vulnerability in Groovy Postbuild Plugin

Groovy Postbuild Plugin did not properly escape badge content from user input, resulting in a stored cross-site scripting vulnerability. Groovy Postbuild Plugin 2.4 now properly escapes badge content from user input...

5.4CVSS5.3AI score0.00719EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/05/09 12:0 a.m.7 views

Users were able to register user names containing control characters

The built-in Jenkins user database optionally allows user registration. This feature did not properly sanitize user names, allowing registration of user names containing control characters. This could be used to confuse administrators appearing to be a different user while preventing deletion of...

4.3CVSS5.6AI score0.01045EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/05/09 12:0 a.m.7 views

Users with Overall/Read permission were able to send GET requests to any URL

The form validation code for a tool installer improperly checked permissions, allowing any user with Overall/Read permission to submit a HTTP GET request to any user specified URL, and learn whether the response was successful HTTP 200 or not. Additionally, this functionality did not require POST...

4.3CVSS5.7AI score0.02068EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/05/09 12:0 a.m.7 views

Black Duck Hub Plugin allowed any user with Overall/Read to read and write its configuration

Black Duck Hub Plugin did not perform permission checks for its /descriptorByName/com.blackducksoftware.integration.hub.jenkins.PostBuildHubScan/config.xml API endpoint. This allowed any user with Overall/Read permission to both read and write the plugin configuration XML. Black Duck Hub Plugin...

8.1CVSS7.8AI score0.00837EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/05/09 12:0 a.m.7 views

XML External Entity processing vulnerability in Black Duck Hub Plugin

Black Duck Hub Plugin's /descriptorByName/com.blackducksoftware.integration.hub.jenkins.PostBuildHubScan/config.xml API endpoint was affected by an XML External Entity XXE processing vulnerability. This allowed an attacker with Overall/Read access to have Jenkins parse a maliciously crafted file...

7.6CVSS6.5AI score0.00954EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/05/09 12:0 a.m.11 views

Gitlab Hook Plugin stores and displays GitLab API token in plain text

Gitlab Hook Plugin does not encrypt the Gitlab API token used to access Gitlab. This can be used by users with Jenkins controller file system access to obtain GitHub credentials. Additionally, the Gitlab API token round-trips in its plaintext form, and is displayed in a regular text field to user...

6.5CVSS6.1AI score0.01176EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/05/09 12:0 a.m.6 views

Path traversal vulnerability in agent to controller security subsystem

The agent to controller security subsystem ensures that the Jenkins controller is protected from maliciously configured agents. Learn more. A path traversal vulnerability allowed agents to escape whitelisted directories to read and write to files they should not be able to access. Paths are now...

8.1CVSS7.5AI score0.02612EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/05/09 12:0 a.m.6 views

CLI and UI allow non-admin users to enumerate installed plugins

Users with Overall/Read permission were able use the list-plugins CLI command and view the About Jenkins page to list all installed plugins. Use of the list-plugins CLI command and access to the About Jenkins page now require Overall/Administer permission...

4.3CVSS5.6AI score0.01115EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/04/16 12:0 a.m.7 views

Email Extension Plugin showed plain text SMTP password in configuration form field

Email Extension Plugin stores an SMTP password in the global Jenkins configuration. While the password is stored encrypted on disk, it was transmitted in plain text as part of the configuration form. This could result in exposure of the password through browser extensions, cross-site scripting...

6.5CVSS6.1AI score0.00988EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/04/16 12:0 a.m.9 views

Stored XSS vulnerability in S3 Publisher Plugin

S3 Publisher Plugin did not properly escape file names shown on the Jenkins UI. This resulted in a cross-site scripting vulnerability exploitable by users able to control the names of uploaded files. S3 Publisher Plugin now escapes file names shown on the Jenkins UI properly...

5.4CVSS5.3AI score0.00673EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/04/16 12:0 a.m.13 views

Path traversal vulnerability allows arbitrary file writing in HTML Publisher Plugin

HTML Publisher Plugin allows specifying a name for the HTML reports it publishes. This report name was used in the URL of the report and as a directory name on the Jenkins controller without further processing, resulting in a path traversal vulnerability that allowed overriding files outside the...

6.5CVSS6.4AI score0.02714EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/04/16 12:0 a.m.9 views

Session fixation vulnerability in Google Login Plugin

Google Login Plugin did not invalidate the previous session and create a new one upon successful login, allowing attackers able to control or obtain another user's pre-login session ID to impersonate them. Google Login Plugin now invalidates the previous session during login, and creates a new on...

6.5CVSS6AI score0.01653EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/04/16 12:0 a.m.6 views

Open redirect vulnerability in Google Login Plugin

Google Login Plugin redirected users to an arbitrary URL specified as a query parameter after successful login, enabling phishing attacks. Google Login Plugin now only performs redirects to relative URLs...

6.1CVSS6AI score0.01003EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/04/11 12:0 a.m.8 views

CLI leaked existence of views and agents with attacker-specified names to users without Overall/Read permission

The Jenkins CLI sent different error responses for commands with view and agent arguments depending on the existence of the specified views or agents to unauthorized users. This allowed attackers to determine whether views or agents with specified names exist. The Jenkins CLI now returns the same...

5.3CVSS5.4AI score0.01403EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/04/11 12:0 a.m.6 views

Cross-site scripting vulnerability in confirmation dialogs displaying item names

Some JavaScript confirmation dialogs included the item name in an unsafe manner, resulting in a possible cross-site scripting vulnerability exploitable by users with permission to create or configure items. JavaScript confirmation dialogs that include the item name now properly escape it, so it c...

5.4CVSS5.2AI score0.00884EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/03/26 12:0 a.m.6 views

Ansible Plugin disabled host key verification by default

Ansible Plugin disabled host key verification by default, having it only as an opt-in option. Ansible Plugin 1.0 now enables host key verification by default, adding options allowing users to opt out. Existing configurations that previously did not opt into host key verification will have host ke...

6.8CVSS5.9AI score0.00718EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/03/26 12:0 a.m.7 views

GitHub Pull Request Builder Plugin stores webhook secret in plain text

GitHub Pull Request Builder Plugin stored the webhook secret shared between Jenkins and GitHub in plain text. This allowed users with Jenkins controller local file system access and Jenkins administrators to retrieve the stored password. The latter could result in exposure of the passwords throug...

6.7CVSS5.6AI score0.00368EPSS
Exploits0
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/03/26 12:0 a.m.7 views

Perforce Plugin uses ineffective credentials encryption

Perforce Plugin encrypts its credentials using DES and an encryption key stored in its public source code, so it only serves as basic obfuscation. This allowed users with Jenkins controller local file system access and Jenkins administrators to retrieve the stored password. The latter could resul...

6.5CVSS6AI score0.01142EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/03/26 12:0 a.m.7 views

CSRF vulnerability and missing permission checks in vSphere Plugin form validation allowed enumerating credentials IDs, capturing credentials, and denial of service

vSphere Plugin did not perform permission checks on methods implementing form validation. This allowed users with Overall/Read access to Jenkins to perform various actions such as: Connect to an attacker-specified vSphere server using attacker-specified credentials IDs obtained through another...

8.8CVSS7AI score0.00698EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/03/26 12:0 a.m.11 views

Perforce Plugin credentials can be obtained by users with Job/Extended Read permission

Jenkins prevents users with Extended Read permission from obtaining secrets such as credentials stored in job configurations. Perforce Plugin implements its own credential encryption using DES and an encryption key stored in its public source code. This is not considered a secret by Jenkins,...

6.5CVSS6.3AI score0.00858EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/03/26 12:0 a.m.7 views

Copy To Slave Plugin allows access to arbitrary files on the Jenkins controller file system

Copy To Slave Plugin allows users with Job/Configure permissions to configure it in such a way that it allows obtaining arbitrary files accessible to the Jenkins controller process from the Jenkins controller file system. As of publication of this advisory, there is no fix...

6.5CVSS6.5AI score0.00988EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/03/26 12:0 a.m.8 views

GitHub Pull Request Builder Plugin stores GitHub access tokens in build.xml

GitHub Pull Request Builder Plugin stored serialized objects in build.xml files that contained the credential used to poll Jenkins. This can be used by users with Jenkins controller file system access to obtain GitHub credentials. Since 1.40.0, the plugin no longer stores serialized objects...

7.8CVSS6.3AI score0.00376EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/03/26 12:0 a.m.10 views

Cucumber Living Documentation Plugin disabled Content-Security-Policy for archived and workspace files

Jenkins 1.641 and 1.625.3 introduced Content-Security-Policy HTTP headers as protection against Cross-Site Scripting attacks using workspace files and archived artifacts served using DirectoryBrowserSupport SECURITY-95. Cucumber Living Documentation Plugin disabled this XSS protection until Jenki...

6.1CVSS5.9AI score0.00861EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/03/26 12:0 a.m.6 views

vSphere Plugin does not validate SSL/TLS certificates

vSphere Plugin disabled SSL/TLS certificate validation unconditionally, allowing potential man-in-the-middle attacks. vSphere Plugin 2.17 now has SSL/TLS certificate validation enabled by default...

6.8CVSS5.8AI score0.00425EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/03/26 12:0 a.m.7 views

Liquibase Runner Plugin allows users to load arbitrary Java code into controller JVM

Liquibase Runner Plugin allows users with Job/Configure permission to configure its build step in a way that loads arbitrary class files into the Jenkins controller JVM, resulting in arbitrary code execution. As of publication of this advisory, there is no fix...

8.8CVSS8.2AI score0.01577EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/03/26 12:0 a.m.8 views

Mailer Plugin allowed unauthorized users to send test emails

A missing permission check in Mailer Plugin allowed users with Overall/Read access to Jenkins to have it connect to a user-specified mail server with user-specified credentials to send a test email to a user-specified email address. The email subject and body could not be changed. This could resu...

8CVSS7.5AI score0.06773EPSS
Exploits5Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/03/26 12:0 a.m.6 views

Reverse Proxy Auth persisted authorities cache on disk

Reverse Proxy Auth Plugin persisted a cache of granted authorities group memberships on disk. This could allow users with local Jenkins controller file system access to obtain group membership information of Jenkins users. Reverse Proxy Auth Plugin 1.6.0 and newer no longer store the cache of...

3.3CVSS4.7AI score0.00349EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/02/26 12:0 a.m.7 views

Coverity Plugin stored keystore and private key passwords in plain text

The Coverity Plugin stored passwords unencrypted as part of its configuration. This allowed users with Jenkins controller local file system access and Jenkins administrators to retrieve the stored password. The latter could result in exposure of the passwords through browser extensions, cross-sit...

7.8CVSS6AI score0.00344EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/02/26 12:0 a.m.6 views

Azure Slave Plugin bundled outdated httpclient library with denial of service vulnerability

The Azure Slave Plugin bundles a version of the httpclient library that is vulnerable to CVE-2015-5262. As the plugin has been deprecated in favor of Azure VM Agents Plugin in 2016, there are no plans to release a fix. It has been removed from distribution per request by the former maintainers...

4.3CVSS6.3AI score0.19312EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/02/26 12:0 a.m.8 views

Reflected cross-site-scripting vulnerability in report URL of CppNCSS Plugin

CppNCSS Plugin did not properly escape the report name and graph name, resulting in a reflected cross-site scripting vulnerability. Report name and graph name are now properly escaped...

6.1CVSS5.8AI score0.00843EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/02/26 12:0 a.m.7 views

Unprivileged users are able to enumerate credential IDs in Google Play Android Publisher Plugin

Google Play Android Publisher Plugin provides a list of applicable credential IDs to allow users configuring a job to select the one they'd like to use to authenticate with the Google Play API. This functionality did not check permissions, allowing any user with Overall/Read permission to get a...

4.3CVSS5.1AI score0.00676EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/02/26 12:0 a.m.7 views

Disclosure of user names and node names to unauthorized users through post-commit hook URL in Git Plugin

The class handling unauthenticated Git post-commit hook notification requests at the /git/ path unnecessarily extended another type that handled requests to the …/search/ sub-path. This allowed submission of search queries to Jenkins, and getting a list of search results usually available to anyo...

5.3CVSS6.2AI score0.03988EPSS
Exploits2Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/02/26 12:0 a.m.8 views

Disclosure of user names and node names to unauthorized users through post-commit hook URL in Mercurial Plugin

The class handling unauthenticated Mercurial post-commit hook notification requests at the /mercurial/ path unnecessarily extended another type that handled requests to the …/search/ sub-path. This allowed submission of search queries to Jenkins, and getting a list of search results usually...

5.3CVSS5.6AI score0.0098EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/02/26 12:0 a.m.8 views

Promoted Builds Plugin allowed unauthorized users to run some promotion processes

Users with Job/Read access were able to approve and re-execute promotion processes with a manual promotion condition that did not specify a list of users allowed to manually approve the promotion. The plugin now requires users to have the Promotion/Promote permission to be able to approve or...

4.3CVSS5.1AI score0.00642EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/02/26 12:0 a.m.11 views

Environment Injector Plugin before 1.91 stored sensitive build variables

EnvInject plugin stores environment variables in order to visualize them in the "Injected Environment Variables" view. Sensitive build variables, typically passwords, are exempt from this behavior. Plugin versions older than 1.91 released on Mar 08, 2015 however did not exempt sensitive variables...

3.1CVSS5.4AI score
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/02/26 12:0 a.m.8 views

Improper access control in Gerrit Trigger Plugin allowed unauthorized users to read some server configuration information

Missing permission checks in Gerrit Trigger Plugin allowed users with Overall/Read permission to access a form that showed the configuration of Gerrit servers in Jenkins. The key file password was only shown in its encrypted form, if configured. Other options were plainly visible. The missing...

4.3CVSS4.8AI score0.00676EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/02/26 12:0 a.m.11 views

Improper access control in Gerrit Trigger Plugin allowed unauthorized users to modify global Gerrit Server configurations

Missing permission checks in Gerrit Trigger Plugin allowed users with Overall/Read permission to perform the following actions: - Configure Gerrit servers - Connect and disconnect configured Gerrit servers The missing permission checks have been added...

5.5CVSS5.6AI score0.00908EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/02/26 12:0 a.m.8 views

Improper access control allowed users without ManageOwnership permission to change job ownership metadata in Job and Node ownership Plugin

Job and Node ownership Plugin did not prevent the ownership metadata being overwritten when a job or node configuration was updated from the CLI or using the remote API POST config.xml. This allowed users with Job/Configure permission but without ManageOwnership/Jobs permission to change job...

6.5CVSS6.5AI score0.007EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/02/26 12:0 a.m.7 views

Disclosure of user names and node names to unauthorized users through post-commit hook URL in Subversion Plugin

The class handling unauthenticated Subversion post-commit hook notification requests at the /subversion/ path unnecessarily extended another type that handled requests to the …/search/ sub-path. This allowed submission of search queries to Jenkins, and getting a list of search results usually...

5.3CVSS6AI score0.00914EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/02/26 12:0 a.m.7 views

Stored cross-site scripting vulnerability in TestLink Plugin

Users with Job/Configure permission were able to configure TestLink reports to display arbitrary unescaped HTML e.g. in test case names. The plugin now properly escapes its HTML output...

5.4CVSS5.7AI score0.00719EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/02/14 12:0 a.m.7 views

Improper input validation allows unintended access to plugin resource files on case-insensitive file systems

Jenkins did not take into account case-insensitive file systems when preventing access to plugin resource files that should not be accessible. This allowed users with Overall/Read permission to download plugin resource files in META-INF and WEB-INF directories, such as the plugins' JAR files, whi...

5.3CVSS5.9AI score0.0197EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/02/14 12:0 a.m.8 views

Improperly secured form validation for proxy configuration allowed Server-Side Request Forgery

The form validation for the proxy configuration form did not check the permission of the user accessing it, allowing anyone with Overall/Read access to Jenkins to cause Jenkins to send a GET request to a specified URL, optionally with a specified proxy configuration. If that request's HTTP respon...

6.4CVSS6.4AI score0.01678EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/02/14 12:0 a.m.6 views

Path traversal vulnerability allows access to files outside plugin resources

Jenkins did not properly prevent specifying relative paths that escape a base directory for URLs accessing plugin resource files. This allowed users with Overall/Read permission to download files from the Jenkins controller they should not have access to. On Windows, any file accessible to the...

6.5CVSS6.9AI score0.0388EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/02/05 12:0 a.m.20 views

SECURITY-698

Bulletin has no description...

3.1CVSS4.9AI score
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
added 2018/02/05 12:0 a.m.8 views

SECURITY-699

Bulletin has no description...

8.8CVSS4.9AI score
Exploits0Affected Software1
Total number of security vulnerabilities1464