1440 matches found

Jenkins Security Advisories · added 2023/07/12

Missing permission check in macstadium-orka allows capturing credentials

macstadium-orka 1.33 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

CVSS 7.1 · AI score 7 · EPSS 0.00525 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/07/12

XXE vulnerability in external-monitor-job

external-monitor-job 206.v9a94ff0b4a10 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. This allows attackers with Item/Build permission to have Jenkins parse a crafted HTTP request with XML data that uses external entities for extraction of secrets from t...

CVSS 7.1 · AI score 6.6 · EPSS 0.00507 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/07/12

CSRF vulnerability in pipeline-restful-api

pipeline-restful-api 0.11 and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery (CSRF) vulnerability. This vulnerability allows attackers to have Jenkins connect to an attacker-specified URL, capturing a newly generated JCLI token that allows...

CVSS 8.8 · AI score 7.9 · EPSS 0.0034 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/07/12

CSRF vulnerability and missing permission checks in mabl-integration allow capturing credentials

mabl-integration 0.0.46 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in...

CVSS 7.1 · AI score 6.4 · EPSS 0.00555 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/07/12

CSRF vulnerability in rebuild

rebuild 320.v5a0933ae7d61 and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery (CSRF) vulnerability. This vulnerability allows attackers to rebuild a previous build. As of publication of this advisory, there is no fix. Learn why we announce this...

CVSS 4.3 · AI score 4.9 · EPSS 0.00287 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/07/12

Exposure of system-scoped credentials in mabl-integration

mabl-integration 0.0.46 and earlier does not set the appropriate context for credentials lookup, allowing the use of System-scoped credentials otherwise reserved for the global configuration. This allows attackers with Item/Configure permission to access and capture credentials they are not...

CVSS 6.5 · AI score 6.4 · EPSS 0.00555 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/07/12

Arbitrary file read vulnerability in mathworks-polyspace

mathworks-polyspace 1.0.5 and earlier does not restrict the path of the attached files in Polyspace Notification post-build step. This allows attackers with Item/Configure permission to send emails with arbitrary files from the Jenkins controller file system. As of publication of this advisory,...

CVSS 6.5 · AI score 6.5 · EPSS 0.00955 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/07/12

CSRF vulnerability and missing permission check in test-results-aggregator

test-results-aggregator 1.2.13 and earlier does not perform a permission check in an HTTP endpoint implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified username and password. Additionally, this HTTP...

CVSS 6.5 · AI score 6.3 · EPSS 0.00513 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/07/12

CSRF vulnerability and missing permission checks in benchmark-evaluator

benchmark-evaluator 1.0.1 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL and to check for the existence of directories, .csv, and .ycsb files on the Jenkins...

CVSS 8.8 · AI score 6.6 · EPSS 0.00423 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/07/12

CSRF vulnerability in assembla-auth

assembla-auth 1.14 and earlier does not implement a state parameter in its OAuth flow, a unique and non-guessable value associated with each authentication request. This vulnerability allows attackers to trick users into logging in to the attacker's account. As of publication of this advisory,...

CVSS 8.8 · AI score 7.9 · EPSS 0.00413 · Exploits 0 · Affected software 1

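The assembla-auth entry above describes an OAuth login with no state parameter. The plain Java below is an added example, not code from assembla-auth or any other plugin, of the standard fix: mint an unguessable state per login attempt, bind it to the browser session, and refuse any callback whose state does not match. The session map, the endpoint and client values, and exchangeCode() are constructed placeholders.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;

// Example only: a minimal OAuth 2.0 client with CSRF protection on the redirect flow.
public final class OAuthStateGuard {
    private static final SecureRandom RNG = new SecureRandom();

    // Stand-in for the browser's HTTP session (constructed for the example).
    private final Map<String, String> session = new HashMap<>();

    // Login start: mint a 256-bit random state, store it in this session, and include it in
    // the authorization request. Without this value the callback cannot be tied to the
    // session that started the login.
    public String beginLogin(String authorizeEndpoint, String clientId, String redirectUri) {
        byte[] raw = new byte[32];
        RNG.nextBytes(raw);
        String state = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
        session.put("oauth_state", state);
        return authorizeEndpoint + "?response_type=code&client_id=" + clientId
                + "&redirect_uri=" + redirectUri + "&state=" + state;
    }

    // Callback: exchange the code only if the returned state equals the one this session
    // minted. A callback with no pending state, or with a state the attacker chose, is the
    // login CSRF the advisory describes (the victim ends up logged in as the attacker).
    // The state is removed first so it cannot be replayed.
    public boolean finishLogin(String returnedState, String code) {
        String expected = session.remove("oauth_state");
        if (expected == null || returnedState == null) {
            return false;
        }
        byte[] a = expected.getBytes(StandardCharsets.UTF_8);
        byte[] b = returnedState.getBytes(StandardCharsets.UTF_8);
        if (!MessageDigest.isEqual(a, b)) {        // constant-time comparison
            return false;
        }
        return exchangeCode(code);
    }

    // Hypothetical token exchange; a real client POSTs the code to the token endpoint.
    private boolean exchangeCode(String code) {
        return code != null && !code.isEmpty();
    }

    public static void main(String[] args) {
        OAuthStateGuard victim = new OAuthStateGuard();
        String url = victim.beginLogin("https://idp.example/authorize", "ci-client",
                "https://ci.example/securityRealm/finishLogin");
        String state = url.substring(url.indexOf("state=") + "state=".length());

        // Genuine round trip: the provider echoes the state this session minted.
        System.out.println("genuine callback accepted: " + victim.finishLogin(state, "code-1"));

        // Forged callback: the attacker sends the victim a callback URL carrying the
        // attacker's own code. No state is pending in the victim's session, so it is refused.
        System.out.println("forged callback accepted: " + victim.finishLogin("attacker-chosen", "code-2"));
    }
}
```

Two details matter in practice: the state is removed from the session before it is compared, so it cannot be replayed even if the provider echoes it twice, and it is compared in constant time. In a Jenkins SecurityRealm the session map corresponds to the HttpSession that Stapler exposes on the request.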
Jenkins Security Advisories · added 2023/07/12

CSRF vulnerability and missing permission checks in elasticbox allow capturing credentials

elasticbox 5.0.1 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

CVSS 8.8 · AI score 7.2 · EPSS 0.00627 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/07/12

CSRF vulnerability and missing permission checks in sumologic-publisher

sumologic-publisher 2.2.1 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL. Additionally, this form validation method does not require POST requests, resulting in a...

CVSS 8.8 · AI score 6.9 · EPSS 0.00469 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/06/14

Stored XSS vulnerability in repository

repository 1.10 and earlier does not escape the versions of build artifacts on the Build Artifacts As Maven Repository page. This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control Maven project versions in pom.xml. As of publication of this...

CVSS 8 · AI score 6.3 · EPSS 0.00617 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/06/14

Exposure of system-scoped credentials in dimensionsscm

dimensionsscm 0.9.3 and earlier does not set the appropriate context for credentials lookup, allowing the use of System-scoped credentials otherwise reserved for the global configuration. This allows attackers with Item/Configure permission to access and capture credentials they are not entitled...

CVSS 6.5 · AI score 5.5 · EPSS 0.0083 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/06/14

Missing permission check in dimensionsscm allows enumerating credentials IDs

dimensionsscm 0.9.3 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another vulnerability...

CVSS 6.5 · AI score 5.5 · EPSS 0.00625 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/06/14

SSL/TLS certificate validation disabled by default in checkmarx

checkmarx allows globally enabling or disabling SSL/TLS validation for connections to the Checkmarx server. checkmarx 2022.4.3 and earlier disables it by default. Unless changed by an administrator, it would cause all connections to the Checkmarx server to ignore SSL/TLS validation, thereby enabli...

CVSS 8.1 · AI score 7.6 · EPSS 0.00775 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/06/14

Arbitrary file read vulnerability in aws-codecommit-trigger

aws-codecommit-trigger allows downloading activity logs of AWS Simple Queue Service (SQS) queues. aws-codecommit-trigger 3.0.12 and earlier does not restrict the queue name path parameter in the corresponding HTTP endpoint, allowing attackers with Item/Read permission to obtain the contents of...

CVSS 6.5 · AI score 6.5 · EPSS 0.0063 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/06/14

Stored XSS vulnerability in repository

repository 1.10 and earlier does not escape project and build display names on the Build Artifacts As Maven Repository page. This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to change project or build display names. As of publication of this advisory,...

CVSS 8 · AI score 6.3 · EPSS 0.00617 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/06/14

Stored XSS vulnerability in template-workflows

template-workflows 41.v32d86a313b4a and earlier does not escape names of jobs used as building blocks for Template Workflow Job. This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create jobs. As of publication of this advisory, there is no fix. Lear...

CVSS 8 · AI score 6.3 · EPSS 0.00752 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/06/14

Stored XSS vulnerability in sonargraph-integration

sonargraph-integration 5.0.1 and earlier does not correctly escape the file path and the project name for the Log file field form validation. This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. NOTE: This issue is caused by an...

CVSS 8 · AI score 5.8 · EPSS 0.00656 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/06/14

CSRF protection bypass vulnerability

Jenkins provides context menus for various UI elements, like links to jobs and builds, or breadcrumbs. In Jenkins 2.399 and earlier, LTS 2.387.3 and earlier, POST requests are sent in order to load the list of context actions. If part of the URL includes insufficiently escaped user-provided value...

CVSS 8 · AI score 7.5 · EPSS 0.0086 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/06/14

Missing permission checks in teamconcert

teamconcert 2.4.1 and earlier does not perform permission checks in methods implementing form validation. This allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system. teamconcert 2.4.2 requires...

CVSS 4.3 · AI score 5 · EPSS 0.00412 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/06/14

CSRF vulnerability and missing permission checks in ease-plugin

ease-plugin 2.6 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

CVSS 6.5 · AI score 5.8 · EPSS 0.00658 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/05/16

SSL/TLS certificate validation unconditionally disabled by miniorange-saml-sp

miniorange-saml-sp 2.1.0 and earlier unconditionally disables SSL/TLS certificate validation for connections to miniOrange or the configured IdP to retrieve SAML metadata. This lack of validation could be abused using a man-in-the-middle attack to intercept these connections. miniorange-saml-sp...

CVSS 4.8 · AI score 5 · EPSS 0.00244 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/05/16

Session fixation vulnerability in cas-plugin

cas-plugin 1.6.2 and earlier does not invalidate the existing session on login. This allows attackers to use social engineering techniques to gain administrator access to Jenkins. cas-plugin 1.6.3 invalidates the existing session on login...

CVSS 8.8 · AI score 7.9 · EPSS 0.00794 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/05/16

Session fixation vulnerability in wso2id-oauth

wso2id-oauth 1.0 and earlier does not invalidate the existing session on login. This allows attackers to use social engineering techniques to gain administrator access to Jenkins. As of publication of this advisory, there is no fix. Learn why we announce this...

CVSS 8.8 · AI score 5.6 · EPSS 0.00431 · Exploits 0 · Affected software 1

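The two session fixation entries above (cas-plugin, wso2id-oauth) share one root cause: the login callback keeps the session the browser arrived with. The following is an added example, not code from either plugin, of the shape of the fix in a hypothetical Jenkins SecurityRealm login callback. It assumes jenkins-core with Spring Security (Jenkins 2.266 or later) and the javax.servlet session API; verifyIdentityWithProvider() is a placeholder for the plugin's own ticket or token validation.

```java
import hudson.security.SecurityRealm;
import java.io.IOException;
import java.util.Collections;
import javax.servlet.http.HttpSession;
import jenkins.security.SecurityListener;
import org.kohsuke.stapler.HttpResponse;
import org.kohsuke.stapler.HttpResponses;
import org.kohsuke.stapler.StaplerRequest;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;

// Hypothetical SSO realm, not any of the listed plugins. Only the login callback is shown.
public abstract class ExampleSsoSecurityRealm extends SecurityRealm {

    // Placeholder: validate the ticket/assertion/token the provider sent back and return the
    // username, or null if it does not verify. Its implementation is provider specific.
    protected abstract String verifyIdentityWithProvider(StaplerRequest req);

    // Called by the provider's redirect back to Jenkins after the user authenticated there.
    public HttpResponse doFinishLogin(StaplerRequest req) throws IOException {
        String username = verifyIdentityWithProvider(req);
        if (username == null) {
            return HttpResponses.forbidden();
        }

        // FIX: the session reaching this point is the pre-authentication session. If an
        // attacker got the victim to use a session ID the attacker knows (the social
        // engineering step the advisories mention), they would otherwise own the
        // authenticated session too. Invalidate it and start a fresh one BEFORE the
        // principal is attached.
        HttpSession preAuth = req.getSession(false);
        if (preAuth != null) {
            preAuth.invalidate();
        }
        req.getSession(true);

        Authentication auth = new UsernamePasswordAuthenticationToken(
                username, "", Collections.singletonList(AUTHENTICATED_AUTHORITY2));
        SecurityContextHolder.getContext().setAuthentication(auth);
        SecurityListener.fireLoggedIn(username);
        return HttpResponses.redirectToContextRoot();
    }
}
```

The ordering is the point. Invalidating after setAuthentication() leaves a window in which the planted session was authenticated; invalidating before verification loses session state the verification may still need (an OAuth state value, for instance). So: verify, then swap the session, then bind the principal.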
Jenkins Security Advisories · added 2023/05/16

Stored XSS vulnerability in loadcomplete

loadcomplete 1.0 and earlier does not escape the LoadComplete test name in its test result page. This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. As of publication of this advisory, there is no fix. Learn why we announce this...

CVSS 8 · AI score 5.3 · EPSS 0.00456 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/05/16

Missing permission check in email-ext

email-ext 2.96 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to check for the existence of files in the email-templates/ directory in the Jenkins home directory on the controller file system. This form...

CVSS 4.3 · AI score 5 · EPSS 0.00503 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/05/16

Arbitrary file write vulnerability in file-parameters

file-parameters 285.v757c5b67ac25 and earlier does not restrict the name and resulting uploaded file name of Stashed File Parameters. This allows attackers with Item/Configure permission to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content...

CVSS 8.8 · AI score 8 · EPSS 0.63137 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/05/16

CSRF vulnerability in email-ext

email-ext 2.96 and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery (CSRF) vulnerability. This allows attackers to make another user stop watching an attacker-specified job. email-ext 2.96.1 requires POST requests for the affected HTTP endpoint...

CVSS 4.3 · AI score 4.9 · EPSS 0.00368 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/05/16

CSRF vulnerability and missing permission checks in azure-vm-agents

azure-vm-agents 852.v8d35f0960a43 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to connect to an attacker-specified Azure Cloud server using attacker-specified credentials IDs obtained through another method...

CVSS 8.8 · AI score 6.9 · EPSS 0.00578 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/05/16

Missing permission check in azure-vm-agents allows enumerating credentials IDs

azure-vm-agents 852.v8d35f0960a43 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another...

CVSS 4.3 · AI score 5 · EPSS 0.00503 · Exploits 0 · Affected software 1

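Four entries in this listing share two credentials-handling defects: an endpoint that lists credential IDs to anyone with Overall/Read (dimensionsscm, azure-vm-agents), and a lookup made from the Jenkins root so that System-scoped credentials become usable from a job (mabl-integration, dimensionsscm). The following is an added example, not code from any of those plugins: a hypothetical drop-down filler and a build-time resolver that handle both. It assumes jenkins-core and the credentials plugin on the classpath, using the older lookupCredentials/ACL.SYSTEM signatures, which still exist; in a real plugin the first method lives on a Descriptor and the second on the build step.

```java
import com.cloudbees.plugins.credentials.CredentialsMatchers;
import com.cloudbees.plugins.credentials.CredentialsProvider;
import com.cloudbees.plugins.credentials.common.StandardListBoxModel;
import com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials;
import hudson.model.Item;
import hudson.model.Run;
import hudson.security.ACL;
import hudson.util.ListBoxModel;
import java.util.Collections;
import jenkins.model.Jenkins;
import org.kohsuke.stapler.AncestorInPath;
import org.kohsuke.stapler.QueryParameter;

// Hypothetical holder for the two methods; not code from any listed plugin.
public final class CredentialsHandling {

    // Drop-down filler for a credentialsId field. The advisories' "missing permission
    // check" is the absence of the first block: without it, any Overall/Read user can call
    // this endpoint and enumerate every credential ID, which is the reconnaissance step for
    // the "capturing credentials" bugs elsewhere in the listing.
    public ListBoxModel doFillCredentialsIdItems(@AncestorInPath Item item,
                                                 @QueryParameter String credentialsId) {
        StandardListBoxModel result = new StandardListBoxModel();
        if (item == null) {                          // global configuration page
            if (!Jenkins.get().hasPermission(Jenkins.ADMINISTER)) {
                return result.includeCurrentValue(credentialsId);
            }
        } else if (!item.hasPermission(Item.EXTENDED_READ)
                && !item.hasPermission(CredentialsProvider.USE_ITEM)) {
            return result.includeCurrentValue(credentialsId);   // no enumeration
        }
        return result
                .includeEmptyValue()
                // item as context: System-scoped credentials are not offered for a job
                .includeMatchingAs(ACL.SYSTEM, item, StandardUsernamePasswordCredentials.class,
                        Collections.emptyList(), CredentialsMatchers.always())
                .includeCurrentValue(credentialsId);
    }

    // VULNERABLE resolution (the "does not set the appropriate context" defect): looking
    // up from the Jenkins root returns System-scoped credentials, which are reserved for
    // global configuration, so a user with Item/Configure can use them by ID from a job.
    static StandardUsernamePasswordCredentials resolveFromRootDoNotUse(String credentialsId) {
        return CredentialsMatchers.firstOrNull(
                CredentialsProvider.lookupCredentials(StandardUsernamePasswordCredentials.class,
                        Jenkins.get(), ACL.SYSTEM, Collections.emptyList()),
                CredentialsMatchers.withId(credentialsId));
    }

    // FIXED resolution: resolve in the context of the build. System-scoped entries are not
    // visible through an item context, and the run's own authentication is respected.
    static StandardUsernamePasswordCredentials resolveForRun(String credentialsId, Run<?, ?> run) {
        return CredentialsProvider.findCredentialById(
                credentialsId, StandardUsernamePasswordCredentials.class, run);
    }
}
```

The permission gate is what the two "enumerating credentials IDs" entries lack; the item argument to the lookups is what the two "system-scoped credentials" entries lack. Both matter on a global configuration page as well, where the item is null and Overall/Administer is the right gate. Newer jenkins-core and credentials plugin releases provide Spring Security based variants (ACL.SYSTEM2); the shape of the checks is unchanged.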
Jenkins Security Advisories · added 2023/05/16

CSRF vulnerability in ldap

ldap 673.v034ec70ec2bb and earlier does not require POST requests for a form validation method, resulting in a cross-site request forgery (CSRF) vulnerability. This vulnerability allows attackers to connect to an attacker-specified LDAP server using attacker-specified credentials. ldap...

CVSS 4.3 · AI score 5 · EPSS 0.003 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/05/16

CSRF vulnerability in reverse-proxy-auth-plugin

reverse-proxy-auth-plugin 1.7.4 and earlier does not require POST requests for a form validation method, resulting in a cross-site request forgery (CSRF) vulnerability. This vulnerability allows attackers to connect to an attacker-specified LDAP server using attacker-specified credentials...

CVSS 8.8 · AI score 7.9 · EPSS 0.0045 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/05/16

Path traversal vulnerability in sidebar-link

sidebar-link allows specifying files in the userContent/ directory for use as link icons. sidebar-link 2.2.1 and earlier does not restrict the path of files in a method implementing form validation. This allows attackers with Overall/Read permission to check for the existence of an...

CVSS 4.3 · AI score 5 · EPSS 0.72358 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/05/16

Stored XSS vulnerability in testng-plugin

testng-plugin 730.v4c5283037693 and earlier does not escape several values that are parsed from TestNG report files and displayed on the plugin's test information pages. This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide a crafted TestNG repor...

CVSS 8 · AI score 5.3 · EPSS 0.00456 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/05/16

CSRF vulnerability and missing permission checks in codedx

codedx 3.1.0 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to connect to an attacker-specified URL. Additionally, these HTTP endpoints do not require POST requests, resulting in a cross-site request forgery (CSRF)...

CVSS 4.3 · AI score 4.9 · EPSS 0.00411 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/05/16

Missing hostname validation in miniorange-saml-sp

miniorange-saml-sp 2.0.2 and earlier does not perform hostname validation when connecting to miniOrange or the configured IdP to retrieve SAML metadata. This lack of validation could be abused using a man-in-the-middle attack to intercept these connections. miniorange-saml-sp 2.1.0 performs...

CVSS 4.8 · AI score 5.2 · EPSS 0.00209 · Exploits 0 · Affected software 1

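The checkmarx entry and the two miniorange-saml-sp TLS entries in this listing are the two halves of one mistake: accepting any certificate chain, and never comparing the hostname against the certificate. The plain Java below is an added example, not code from either plugin. It shows the insecure pattern next to the correct default, plus the right answer for a private CA, which is the usual reason validation gets switched off. URL and file path arguments are placeholders; Java 8 or later is assumed.

```java
import java.io.InputStream;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

public final class TlsClientConfig {

    // INSECURE: the pattern behind both advisories. The trust manager accepts every chain
    // and the verifier accepts every hostname, so an on-path attacker with any certificate
    // can read or rewrite the SAML metadata or scanner traffic.
    static HttpsURLConnection insecureDoNotUse(URL url) throws Exception {
        TrustManager[] trustAll = { new X509TrustManager() {
            public void checkClientTrusted(X509Certificate[] chain, String authType) { }
            public void checkServerTrusted(X509Certificate[] chain, String authType) { }
            public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; }
        } };
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, trustAll, new SecureRandom());
        HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
        conn.setSSLSocketFactory(ctx.getSocketFactory());
        conn.setHostnameVerifier((hostname, session) -> true);   // "hostname validation" off
        return conn;
    }

    // SECURE: chain validation against the JVM trust store and the default hostname
    // verifier. Both are set explicitly so that a process-wide default replaced by other
    // code cannot weaken this connection.
    static HttpsURLConnection secure(URL url) throws Exception {
        HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
        conn.setSSLSocketFactory(SSLContext.getDefault().getSocketFactory());
        conn.setHostnameVerifier(HttpsURLConnection.getDefaultHostnameVerifier());
        return conn;
    }

    // Private or self-signed CA: trust that one issuer for this client instead of trusting
    // everything. Chain validation and hostname verification stay on.
    static SSLSocketFactory trustingOnly(Path pemCertificate) throws Exception {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        Certificate ca;
        try (InputStream in = Files.newInputStream(pemCertificate)) {
            ca = cf.generateCertificate(in);
        }
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        ks.load(null, null);
        ks.setCertificateEntry("private-ca", ca);
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(ks);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);
        return ctx.getSocketFactory();
    }

    public static void main(String[] args) throws Exception {
        // args[0]: server URL (placeholder default); args[1]: optional PEM of a private CA
        URL url = new URL(args.length > 0 ? args[0] : "https://localhost:8443/");
        HttpsURLConnection conn = secure(url);
        if (args.length > 1) {
            conn.setSSLSocketFactory(trustingOnly(Paths.get(args[1])));
        }
        System.out.println("hostname verification on: "
                + (conn.getHostnameVerifier() == HttpsURLConnection.getDefaultHostnameVerifier()));
        System.out.println("HTTP " + conn.getResponseCode());
    }
}
```

The socket factory and verifier are set per connection on purpose: HttpsURLConnection.setDefaultSSLSocketFactory and setDefaultHostnameVerifier are JVM-wide, so a plugin that "globally disables" validation turns it off for every other plugin on the controller as well. When a private CA is the reason validation was turned off, trustingOnly() is the fix: that issuer is trusted and hostname verification stays on.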
Jenkins Security Advisories · added 2023/05/16

CSRF vulnerability and missing permission check in miniorange-saml-sp

miniorange-saml-sp 2.0.0 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to send an HTTP POST request with JSON body containing attacker-specified content, to miniOrange's API for sending emails. Additionally, this HTTP...

CVSS 8.8 · AI score 6.2 · EPSS 0.0045 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/05/16

CSRF vulnerability and missing permission checks in miniorange-saml-sp allow XXE

miniorange-saml-sp 2.0.2 and earlier does not perform permission checks in multiple HTTP endpoints. This allows attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML, or parse a local file on the Jenkins controller as XML. As the...

CVSS 8.8 · AI score 8 · EPSS 0.00832 · Exploits 0 · Affected software 1

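Two entries in this listing (external-monitor-job, and the miniorange-saml-sp XXE entry above) come down to an XML parser left at its JAXP defaults. The plain Java below is an added example, not code from either plugin: a stock factory beside a hardened one, run against a constructed payload of the shape the advisories describe. The file path in the payload is illustrative.

```java
import java.io.StringReader;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Document;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;

public final class XxeSafeParsing {

    // Constructed payload: a DOCTYPE declares an external entity that points at a file on
    // the controller, and the body references it, so the file's contents end up in the
    // parsed document (and, in the advisories' case, in an HTTP response or error text).
    static final String PAYLOAD =
            "<?xml version=\"1.0\"?>\n"
            + "<!DOCTYPE r [<!ENTITY xxe SYSTEM \"file:///etc/hostname\">]>\n"
            + "<r>&xxe;</r>";

    // VULNERABLE: stock JAXP settings resolve external entities and external DTDs.
    static DocumentBuilderFactory stockFactory() {
        return DocumentBuilderFactory.newInstance();
    }

    // HARDENED: refuse any DOCTYPE (a complete fix when DTDs are not needed), and
    // additionally switch off entity and DTD resolution in case a DTD is ever re-enabled.
    static DocumentBuilderFactory hardenedFactory() throws ParserConfigurationException {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        f.setFeature("http://xml.org/sax/features/external-general-entities", false);
        f.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        f.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
        f.setXIncludeAware(false);
        f.setExpandEntityReferences(false);
        f.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");      // JAXP 1.5: no external DTD access
        f.setAttribute(XMLConstants.ACCESS_EXTERNAL_SCHEMA, "");
        return f;
    }

    // Parse and return the root element's text, which is where the leaked file would land.
    static String rootText(DocumentBuilderFactory f, String xml) throws Exception {
        Document d = f.newDocumentBuilder().parse(new InputSource(new StringReader(xml)));
        return d.getDocumentElement().getTextContent();
    }

    public static void main(String[] args) throws Exception {
        try {
            String leaked = rootText(stockFactory(), PAYLOAD);
            System.out.println("stock parser: root text is " + leaked.length()
                    + " chars (the contents of /etc/hostname on a typical Linux host)");
        } catch (Exception e) {
            System.out.println("stock parser: entity resolution failed: " + e.getMessage());
        }
        try {
            rootText(hardenedFactory(), PAYLOAD);
            System.out.println("hardened parser: DOCTYPE accepted, check the JAXP implementation in use");
        } catch (SAXException e) {
            System.out.println("hardened parser: rejected, " + e.getMessage());
        }
    }
}
```

disallow-doctype-decl on its own stops both the file-read variant and the SSRF variant (an entity pointing at an attacker URL), because no entity can be declared without a DOCTYPE; the remaining features are defence in depth for parsers that must accept a DTD. Plugin code running on a Jenkins controller should prefer the parser helpers jenkins-core provides in jenkins.util.xml.XMLUtils, which are configured along these lines, over building its own factory.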
Jenkins Security Advisories · added 2023/05/16

Secrets stored and displayed in plain text by ansible

ansible allows the specification of extra variables that can be passed to Ansible. These extra variables are commonly used to pass secrets. ansible 204.v8191fd551ebf and earlier stores these extra variables unencrypted in job config.xml files on the Jenkins controller as part of its configuration...

CVSS 5.3 · AI score 5.1 · EPSS 0.00379 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/05/16

Arbitrary file write vulnerability on agents in pipeline-utility-steps

pipeline-utility-steps provides the untar and unzip Pipeline steps to extract archives into job workspaces. pipeline-utility-steps 2.15.2 and earlier does not validate or limit file paths of files contained within these archives. This allows attackers able to provide crafted archives as parameter...

CVSS 8.8 · AI score 8 · EPSS 0.01016 · Exploits 0 · Affected software 1

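Several entries in this listing are the same path-containment defect seen from different sides: existence oracles in form validation (teamconcert, email-ext templates, sidebar-link icons under userContent/), reads of attacker-chosen controller files (mathworks-polyspace attachments, the aws-codecommit-trigger queue name path parameter), and writes to attacker-chosen paths (file-parameters upload names, the pipeline-utility-steps untar/unzip entry above). The plain Java below is an added example, not code from any of those plugins: one containment helper used both for an existence check and for archive extraction. The zip archive is constructed in memory for the demo.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.StandardCopyOption;
import java.util.zip.ZipEntry;
import java.util.zip.ZipInputStream;
import java.util.zip.ZipOutputStream;

public final class PathContainment {

    // Resolve an untrusted relative path against an allowed base directory and refuse
    // anything that lands outside it: "../" segments, absolute paths, and (for paths that
    // already exist) symlinks that point out of the base. normalize() is purely lexical,
    // which is why toRealPath() is consulted for existing entries.
    static Path resolveInside(Path base, String untrusted) throws IOException {
        Path root = base.toAbsolutePath().normalize();
        Path candidate = root.resolve(untrusted).normalize();
        if (!candidate.startsWith(root)) {
            throw new IOException("path escapes " + root + ": " + untrusted);
        }
        if (Files.exists(candidate) && !candidate.toRealPath().startsWith(root.toRealPath())) {
            throw new IOException("symlink escapes " + root + ": " + untrusted);
        }
        return candidate;
    }

    // Form-validation kind of use: an existence check that can only answer for files inside
    // the allowed directory. In a Jenkins doCheck method this still needs a permission
    // check and @RequirePOST in addition to the containment.
    static boolean existsInside(Path allowedDir, String name) {
        try {
            return Files.isRegularFile(resolveInside(allowedDir, name));
        } catch (IOException e) {
            return false;
        }
    }

    // Archive extraction and upload kind of use: every entry name goes through the same
    // containment check before anything is written.
    static int extractSafely(byte[] zipBytes, Path dest) throws IOException {
        int written = 0;
        try (ZipInputStream zin = new ZipInputStream(new ByteArrayInputStream(zipBytes))) {
            for (ZipEntry e; (e = zin.getNextEntry()) != null; ) {
                Path out = resolveInside(dest, e.getName());   // throws on "../" or absolute
                if (e.isDirectory()) {
                    Files.createDirectories(out);
                    continue;
                }
                Files.createDirectories(out.getParent());
                Files.copy(zin, out, StandardCopyOption.REPLACE_EXISTING);
                written++;
            }
        }
        return written;
    }

    // Constructed archive: one benign entry, then a "zip slip" entry that tries to climb out.
    static byte[] craftedZip() throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ZipOutputStream zout = new ZipOutputStream(bos)) {
            zout.putNextEntry(new ZipEntry("ok.txt"));
            zout.write("fine".getBytes(StandardCharsets.UTF_8));
            zout.closeEntry();
            zout.putNextEntry(new ZipEntry("../../escaped.txt"));
            zout.write("pwned".getBytes(StandardCharsets.UTF_8));
            zout.closeEntry();
        }
        return bos.toByteArray();
    }

    public static void main(String[] args) throws IOException {
        Path workspace = Files.createTempDirectory("workspace");
        try {
            extractSafely(craftedZip(), workspace);
        } catch (IOException e) {
            System.out.println("extraction stopped: " + e.getMessage());
        }
        System.out.println("benign entry extracted: " + existsInside(workspace, "ok.txt"));
        System.out.println("escaped file created: "
                + Files.exists(workspace.getParent().getParent().resolve("escaped.txt")));
        System.out.println("traversal via existence check: " + existsInside(workspace, "../../etc/passwd"));
    }
}
```

The same check covers the read-side bugs (existence oracles, arbitrary file attachment) and the write-side bugs (upload names, archive entries). On a Jenkins agent the workspace is a hudson.FilePath rather than a java.nio Path, but the rule is identical: normalize, require the result to start with the allowed directory, and do it for every entry before writing anything.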
Jenkins Security Advisories · added 2023/05/16

Stored XSS vulnerability in workflow-job

workflow-job 1292.v27d8cc3e2602 and earlier does not escape the display name of the build that caused an earlier build to be aborted, when "Do not allow concurrent builds" is set. This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to set build display...

CVSS 7.5 · AI score 5.3 · EPSS 0.00586 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/05/16

Improper masking of credentials in hashicorp-vault-plugin

hashicorp-vault-plugin 360.v0a1c04cf807d and earlier does not properly mask (i.e., replace with asterisks) credentials printed in the build log from Pipeline steps like sh and bat, when both of the following conditions are met: The credentials are printed in build steps executing on an agent...

CVSS 7.5 · AI score 7.2 · EPSS 0.00601 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/05/16

Missing permission checks in codedx

codedx 3.1.0 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Item/Read permission to check for the existence of an attacker-specified file path on an agent file system. codedx 4.0.0 requires Item/Configure permission for this fo...

CVSS 4.3 · AI score 5 · EPSS 0.00953 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/05/16

API keys stored and displayed in plain text by codedx

codedx 3.1.0 and earlier stores Code Dx server API keys unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These API keys can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. Additionally, the job...

CVSS 4.3 · AI score 5 · EPSS 0.00633 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/05/16

Stored XSS vulnerability in TestComplete

TestComplete 2.8.1 and earlier does not escape the TestComplete project name in its test result page. This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. As of publication of this advisory, there is no fix. Learn why we announce...

CVSS 8 · AI score 5.3 · EPSS 0.02364 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/05/16

Credentials displayed without masking by cavisson-ns-nd-integration

cavisson-ns-nd-integration stores credentials in job config.xml files on the Jenkins controller as part of its configuration. While these credentials are stored encrypted on disk, in cavisson-ns-nd-integration 4.8.0.149 and earlier, the job configuration form does not mask these credentials,...

CVSS 7.5 · AI score 7.3 · EPSS 0.00569 · Exploits 0 · Affected software 1

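Three entries in this listing concern how a plugin persists and displays a secret: ansible and codedx store it as a plain String in the job's config.xml, and cavisson-ns-nd-integration above encrypts it on disk but shows it unmasked in the configuration form. The following is an added example, not code from any of those plugins: a hypothetical build step showing the field type change that addresses the storage side, together with a readResolve migration for job configurations saved by the plaintext version. It assumes jenkins-core; the class and field names are invented.

```java
import hudson.Extension;
import hudson.Launcher;
import hudson.model.AbstractBuild;
import hudson.model.AbstractProject;
import hudson.model.BuildListener;
import hudson.tasks.BuildStepDescriptor;
import hudson.tasks.Builder;
import hudson.util.Secret;
import org.kohsuke.stapler.DataBoundConstructor;

// Hypothetical build step, not code from any of the listed plugins.
public class ApiKeyStep extends Builder {

    // BEFORE (the shape of the ansible and codedx entries):
    //     private String apiKey;
    // XStream writes the String verbatim into the job's config.xml, so anyone who can read
    // that file reads the key, and config.jelly echoes it back into a plain text box.
    //
    // AFTER: hudson.util.Secret is serialized as ciphertext under the instance's secret key
    // and decrypted only when getPlainText() or Secret.toString() is called.
    private Secret apiKey;

    // Legacy plaintext field kept only so old config.xml files still load (invented name).
    @Deprecated
    private String apiKeyPlain;

    @DataBoundConstructor
    public ApiKeyStep(Secret apiKey) {
        this.apiKey = apiKey;     // Stapler binds the submitted string via Secret.fromString
    }

    public Secret getApiKey() {   // the form binds to this; it never exposes plaintext
        return apiKey;
    }

    // Migration on load: wrap a plaintext value written by the old version and clear it,
    // so the next save of the job persists only the encrypted form.
    private Object readResolve() {
        if (apiKeyPlain != null) {
            apiKey = Secret.fromString(apiKeyPlain);
            apiKeyPlain = null;
        }
        return this;
    }

    @Override
    public boolean perform(AbstractBuild<?, ?> build, Launcher launcher, BuildListener listener) {
        // Decrypt at the moment of use only, and never write the value to the build log.
        String key = Secret.toString(apiKey);
        listener.getLogger().println("calling the service with an API key of length " + key.length());
        return !key.isEmpty();   // hypothetical: a real step would make the request here
    }

    @Extension
    public static final class DescriptorImpl extends BuildStepDescriptor<Builder> {
        @Override
        public boolean isApplicable(Class<? extends AbstractProject> jobType) {
            return true;
        }

        @Override
        public String getDisplayName() {
            return "Hypothetical API key step";
        }
    }
}
```

The display side, which is the cavisson-ns-nd-integration defect, is handled in the Jelly view: declaring the field as <f:password field="apiKey"/> gives the browser a masked input and round-trips the encrypted value rather than the plaintext. Because XStream stores Secret through its encrypted form, readers of config.xml see ciphertext bound to that controller's secret key instead of the key itself.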
Jenkins Security Advisories · added 2023/05/16

CSRF vulnerability and missing permission check in jenkinsci-appspider-plugin

jenkinsci-appspider-plugin 1.0.15 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL and send an HTTP POST request with a JSON payload consisting of attacker-specified...

CVSS 8.8 · AI score 6.2 · EPSS 0.00509 · Exploits 0 · Affected software 1

Jenkins Security Advisories · added 2023/05/16

CSRF vulnerability and missing permission checks in tag-profiler

tag-profiler 0.2 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to reset profiler statistics. Additionally, this HTTP endpoint does not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability. As ...

CVSS 4.3 · AI score 4.8 · EPSS 0.00425 · Exploits 0 · Affected software 1

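Most entries in this listing ("does not perform a permission check", "does not require POST requests") reduce to two missing lines on a Stapler web method, whether it is a form-validation method that connects to an attacker-specified URL with stored credentials (macstadium-orka, mabl-integration, test-results-aggregator, benchmark-evaluator, elasticbox, sumologic-publisher, ease-plugin, azure-vm-agents, codedx, jenkinsci-appspider-plugin, ldap, reverse-proxy-auth-plugin) or a state-changing action endpoint (rebuild, email-ext, tag-profiler above). The following is an added example, not code from any of those plugins: a hypothetical descriptor showing a "test connection" validation and a reset action before and after. It assumes jenkins-core and the credentials plugin (older lookupCredentials/ACL.SYSTEM signatures); connect() is a minimal stand-in for a plugin's real client and the https-only rule is an example policy.

```java
import com.cloudbees.plugins.credentials.CredentialsMatchers;
import com.cloudbees.plugins.credentials.CredentialsProvider;
import com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials;
import hudson.Util;
import hudson.model.Item;
import hudson.security.ACL;
import hudson.util.FormValidation;
import java.net.HttpURLConnection;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.Collections;
import jenkins.model.Jenkins;
import org.kohsuke.stapler.AncestorInPath;
import org.kohsuke.stapler.HttpResponse;
import org.kohsuke.stapler.HttpResponses;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.interceptor.RequirePOST;

// Hypothetical holder for the web methods (in a plugin they live on a Descriptor or action).
public final class EndpointHardening {

    // VULNERABLE shape: any Overall/Read user, via a plain GET, makes the controller connect
    // to a URL of their choosing with a credential chosen by ID (an ID enumerated elsewhere),
    // so a listener at that URL receives the stored username and password. Because GET is
    // accepted, a cross-site request can trigger it on behalf of a logged-in victim too.
    public FormValidation doTestConnectionVulnerable(@QueryParameter String url,
                                                     @QueryParameter String credentialsId) {
        return connect(url, lookup(credentialsId, null));
    }

    // FIXED: the two lines the advisories are about, plus input checks.
    @RequirePOST                                   // CSRF: POST only, so a crumb is required
    public FormValidation doTestConnection(@AncestorInPath Item item,
                                           @QueryParameter String url,
                                           @QueryParameter String credentialsId) {
        if (item == null) {                        // global configuration page
            Jenkins.get().checkPermission(Jenkins.ADMINISTER);
        } else {                                   // job configuration page
            item.checkPermission(Item.CONFIGURE);
        }
        if (Util.fixEmptyAndTrim(url) == null) {
            return FormValidation.warning("URL is required");
        }
        if (!url.startsWith("https://")) {
            return FormValidation.error("Only https:// URLs are accepted");
        }
        return connect(url, lookup(credentialsId, item));
    }

    // State-changing action (the rebuild / "reset statistics" kind): the same two fixes.
    @RequirePOST
    public HttpResponse doReset() {
        Jenkins.get().checkPermission(Jenkins.ADMINISTER);
        resetStatistics();
        return HttpResponses.ok();
    }

    private static StandardUsernamePasswordCredentials lookup(String credentialsId, Item item) {
        if (Util.fixEmptyAndTrim(credentialsId) == null) {
            return null;
        }
        // item as context (null means the root) so a job cannot reach System-scoped credentials
        return CredentialsMatchers.firstOrNull(
                CredentialsProvider.lookupCredentials(StandardUsernamePasswordCredentials.class,
                        item, ACL.SYSTEM, Collections.emptyList()),
                CredentialsMatchers.withId(credentialsId));
    }

    // Minimal stand-in for the plugin's client: a HEAD request with HTTP basic auth.
    private static FormValidation connect(String url, StandardUsernamePasswordCredentials c) {
        try {
            HttpURLConnection conn = (HttpURLConnection) new URL(url).openConnection();
            conn.setRequestMethod("HEAD");
            conn.setConnectTimeout(5000);
            conn.setReadTimeout(5000);
            if (c != null) {
                String userPass = c.getUsername() + ":" + c.getPassword().getPlainText();
                conn.setRequestProperty("Authorization", "Basic " + Base64.getEncoder()
                        .encodeToString(userPass.getBytes(StandardCharsets.UTF_8)));
            }
            int status = conn.getResponseCode();
            return status < 400
                    ? FormValidation.ok(String.format("Connected (HTTP %d)", status))
                    : FormValidation.error(String.format("Server answered HTTP %d", status));
        } catch (Exception e) {
            return FormValidation.error("Connection failed: " + e.getMessage());  // no stack trace
        }
    }

    private void resetStatistics() { /* hypothetical */ }
}
```

@RequirePOST on a doCheck method needs the form control to submit with POST (checkMethod="post" on the Jelly field; f:validateButton already does), otherwise validation silently breaks. The hardened endpoint still lets an authorised configurer make the controller connect to a URL of their choosing, which is inherent to a "test connection" button; the permission check scopes that to users who could already store the URL in the job configuration, and the item-scoped lookup keeps System-scoped credentials out of reach from a job.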
Total number of security vulnerabilities: 1440