Lucene search
K
JenkinsRecent

1464 matches found

Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•5 views

CSRF vulnerability and missing permission checks in codedx

codedx 3.1.0 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to connect to an attacker-specified URL. Additionally, these HTTP endpoints do not require POST requests, resulting in a cross-site request forgery CSRF...

4.3CVSS4.9AI score0.00411EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•7 views

Missing permission checks in codedx

codedx 3.1.0 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Item/Read permission to check for the existence of an attacker-specified file path on an agent file system. codedx 4.0.0 requires Item/Configure permission for this fo...

4.3CVSS5AI score0.00953EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•4 views

CSRF vulnerability and missing permission check in jenkinsci-appspider-plugin

jenkinsci-appspider-plugin 1.0.15 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL and send an HTTP POST request with a JSON payload consisting of attacker-specified...

8.8CVSS6.2AI score0.00509EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•5 views

Credentials displayed without masking by cavisson-ns-nd-integration

cavisson-ns-nd-integration stores credentials in job config.xml files on the Jenkins controller as part of its configuration. While these credentials are stored encrypted on disk, in cavisson-ns-nd-integration 4.8.0.149 and earlier, the job configuration form does not mask these credentials,...

7.5CVSS7.3AI score0.00569EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•8 views

CSRF vulnerability and missing permission checks in tag-profiler

tag-profiler 0.2 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to reset profiler statistics. Additionally, this HTTP endpoint does not require POST requests, resulting in a cross-site request forgery CSRF vulnerability. As ...

4.3CVSS4.8AI score0.00425EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•5 views

CSRF vulnerability in wso2id-oauth

wso2id-oauth 1.0 and earlier does not implement a state parameter in its OAuth flow, a unique and non-guessable value associated with each authentication request. This vulnerability allows attackers to trick users into logging in to the attacker's account. As of publication of this advisory, ther...

5.4CVSS5.7AI score0.00319EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•9 views

CSRF vulnerability in ldap

ldap 673.v034ec70ec2bb and earlier does not require POST requests for a form validation method, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to connect to an attacker-specified LDAP server using attacker-specified credentials. ldap...

4.3CVSS5AI score0.003EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•5 views

Missing permission check in email-ext

email-ext 2.96 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to check for the existence of files in the email-templates/ directory in the Jenkins home directory on the controller file system. This form...

4.3CVSS5AI score0.00503EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•4 views

Arbitrary file write vulnerability on agents in pipeline-utility-steps

pipeline-utility-steps provides the untar and unzip Pipeline steps to extract archives into job workspaces. pipeline-utility-steps 2.15.2 and earlier does not validate or limit file paths of files contained within these archives. This allows attackers able to provide crafted archives as parameter...

8.8CVSS8AI score0.01016EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•5 views

Stored XSS vulnerability in testng-plugin

testng-plugin 730.v4c5283037693 and earlier does not escape several values that are parsed from TestNG report files and displayed on the plugin's test information pages. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to provide a crafted TestNG repor...

8CVSS5.3AI score0.00456EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•5 views

Arbitrary file write vulnerability in file-parameters

file-parameters 285.v757c5b67ac25 and earlier does not restrict the name and resulting uploaded file name of Stashed File Parameters. This allows attackers with Item/Configure permission to create or replace arbitrary files on the Jenkins controller file system with attacker-specified content...

8.8CVSS8AI score0.63137EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•5 views

CSRF vulnerability in reverse-proxy-auth-plugin

reverse-proxy-auth-plugin 1.7.4 and earlier does not require POST requests for a form validation method, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to connect to an attacker-specified LDAP server using attacker-specified credentials...

8.8CVSS7.9AI score0.0045EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•4 views

Missing permission check in azure-vm-agents allows enumerating credentials IDs

azure-vm-agents 852.v8d35f0960a43 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another...

4.3CVSS5AI score0.00503EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•6 views

CSRF vulnerability and missing permission checks in azure-vm-agents

azure-vm-agents 852.v8d35f0960a43 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to connect to an attacker-specified Azure Cloud server using attacker-specified credentials IDs obtained through another method...

8.8CVSS6.9AI score0.00578EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•4 views

CSRF vulnerability and missing permission checks in miniorange-saml-sp allow XXE

miniorange-saml-sp 2.0.2 and earlier does not perform permission checks in multiple HTTP endpoints. This allows attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML, or parse a local file on the Jenkins controller as XML. As the...

8.8CVSS8AI score0.00832EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•8 views

Missing hostname validation in miniorange-saml-sp

miniorange-saml-sp 2.0.2 and earlier does not perform hostname validation when connecting to miniOrange or the configured IdP to retrieve SAML metadata. This lack of validation could be abused using a man-in-the-middle attack to intercept these connections. miniorange-saml-sp 2.1.0 performs...

4.8CVSS5.2AI score0.00209EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•5 views

CSRF vulnerability and missing permission check in miniorange-saml-sp

miniorange-saml-sp 2.0.0 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to send an HTTP POST request with JSON body containing attacker-specified content, to miniOrange's API for sending emails. Additionally, this HTTP...

8.8CVSS6.2AI score0.0045EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•29 views

API keys stored and displayed in plain text by codedx

codedx 3.1.0 and earlier stores Code Dx server API keys unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These API keys can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. Additionally, the job...

4.3CVSS5AI score0.00633EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•4 views

Improper masking of credentials in hashicorp-vault-plugin

hashicorp-vault-plugin 360.v0a1c04cf807d and earlier does not properly mask i.e., replace with asterisks credentials printed in the build log from Pipeline steps like sh and bat, when both of the following conditions are met: The credentials are printed in build steps executing on an agent...

7.5CVSS7.2AI score0.00601EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•5 views

Stored XSS vulnerability in TestComplete

TestComplete 2.8.1 and earlier does not escape the TestComplete project name in its test result page. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission. As of publication of this advisory, there is no fix. Learn why we announce...

8CVSS5.3AI score0.02364EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•20 views

Session fixation vulnerability in wso2id-oauth

wso2id-oauth 1.0 and earlier does not invalidate the existing session on login. This allows attackers to use social engineering techniques to gain administrator access to Jenkins. As of publication of this advisory, there is no fix. Learn why we announce this...

8.8CVSS5.6AI score0.00431EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•7 views

Stored XSS vulnerability in loadcomplete

loadcomplete 1.0 and earlier does not escape the LoadComplete test name in its test result page. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission. As of publication of this advisory, there is no fix. Learn why we announce this...

8CVSS5.3AI score0.00456EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•9 views

Stored XSS vulnerability in workflow-job

workflow-job 1292.v27d8cc3e2602 and earlier does not escape the display name of the build that caused an earlier build to be aborted, when "Do not allow concurrent builds" is set. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to set build display...

7.5CVSS5.3AI score0.00586EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•6 views

Secrets stored and displayed in plain text by ansible

ansible allows the specification of extra variables that can be passed to Ansible. These extra variables are commonly used to pass secrets. ansible 204.v8191fd551ebf and earlier stores these extra variables unencrypted in job config.xml files on the Jenkins controller as part of its configuration...

5.3CVSS5.1AI score0.00379EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/05/16 12:0 a.m.•5 views

CSRF vulnerability in email-ext

email-ext 2.96 and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery CSRF vulnerability. This allows attackers to make another user stop watching an attacker-specified job. email-ext 2.96.1 requires POST requests for the affected HTTP endpoint...

4.3CVSS4.9AI score0.00368EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/04/12 12:0 a.m.•4 views

Improper masking of credentials in multiple plugins

Multiple plugins do not properly mask i.e., replace with asterisks credentials printed in the build log from Pipeline steps like sh and bat, when both of the following conditions are met: The credentials are printed in build steps executing on an agent typically inside a node block. Push mode for...

7.5CVSS7.1AI score0.00491EPSS
Exploits0Affected Software3
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/04/12 12:0 a.m.•9 views

Disabled SSL/TLS certificate validation for existing configurations in image-tag-parameter

image-tag-parameter 2.0 improperly introduces an option to opt out of SSL/TLS certificate validation when connecting to Docker registries. Job configurations using Image Tag Parameters that were created before 2.0 will have SSL/TLS certificate validation disabled by default. As of publication of...

6.5CVSS6AI score0.00458EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/04/12 12:0 a.m.•4 views

Missing permission check in thycotic-secret-server allows enumerating credentials IDs

thycotic-secret-server 1.0.2 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another...

4.3CVSS5.1AI score0.00519EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/04/12 12:0 a.m.•5 views

Lack of authentication mechanism in quayio-trigger webhook

quayio-trigger provides a webhook endpoint at /quayio-webhook/ that can be used to trigger builds of jobs configured to use a specified repository. In quayio-trigger 0.1 and earlier, this endpoint can be accessed without authentication. This allows unauthenticated attackers to trigger builds of...

5.3CVSS5.6AI score0.0046EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/04/12 12:0 a.m.•5 views

Stored XSS vulnerability in quayio-trigger

quayio-trigger 0.1 and earlier does not limit URL schemes for repository homepage URLs submitted via Quay.io trigger webhooks. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to submit crafted Quay.io trigger webhook payloads. As of publication of thi...

8.8CVSS5.3AI score0.0048EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/04/12 12:0 a.m.•7 views

Lack of authentication mechanism in assembla-merge-request-builder webhook

assembla-merge-request-builder provides a webhook endpoint at /assembla-webhook/ that can be used to trigger builds of jobs configured to use a specified repository. In assembla-merge-request-builder 1.1.13 and earlier, this endpoint can be accessed without authentication. This allows...

5.3CVSS5.6AI score0.00518EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/04/12 12:0 a.m.•4 views

Lack of authentication mechanism in fogbugz webhook

fogbugz provides a webhook endpoint at /fbTrigger/ that can be used to trigger builds of any jobs. In fogbugz 2.2.17 and earlier, this endpoint can be accessed by attackers with Item/Read permission, allowing them to trigger builds of jobs specified in a jobname request parameter. As of publicati...

4.3CVSS5.1AI score0.00448EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/04/12 12:0 a.m.•5 views

Tokens stored and displayed in plain text by reportportal

reportportal 0.5 and earlier stores ReportPortal access tokens unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These tokens can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. Additionally, the...

4.3CVSS5AI score0.00431EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/04/12 12:0 a.m.•6 views

CSRF vulnerability and missing permission check in reportportal

reportportal 0.5 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified bearer token authentication. Additionally, this form validation method doe...

8.8CVSS6.9AI score0.0078EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/04/12 12:0 a.m.•6 views

Client secret stored and displayed in plain text by wso2id-oauth

wso2id-oauth 1.0 and earlier stores the WSO2 Oauth client secret unencrypted in the global config.xml file on the Jenkins controller as part of its configuration. This client secret can be viewed by users with access to the Jenkins controller file system. Additionally, the global configuration fo...

6.5CVSS5.5AI score0.00397EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/04/12 12:0 a.m.•5 views

CSRF vulnerability in lucene-search

lucene-search 387.v938aecbf7fe9 and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to reindex the database. As of publication of this advisory, there is no fix. Learn why we announce th...

4.3CVSS5AI score0.00349EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/04/12 12:0 a.m.•6 views

Token stored and displayed in plain text by consul-kv-builder

consul-kv-builder 2.0.13 and earlier stores the HashiCorp Consul ACL Token unencrypted in its global configuration file org.jenkinsci.plugins.consulkv.GlobalConsulConfig.xml on the Jenkins controller as part of its configuration. This token can be viewed by users with access to the Jenkins...

6.5CVSS5.5AI score0.00397EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/04/12 12:0 a.m.•4 views

Lack of authentication mechanism in spoonscript webhook

spoonscript provides a webhook endpoint at /turbo-webhook/ that can be used to trigger builds of jobs configured to use a specified repository. In spoonscript 1.3 and earlier, this endpoint can be accessed by attackers with Item/Read permission to trigger builds of jobs corresponding to the...

6.5CVSS6.4AI score0.0057EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/04/12 12:0 a.m.•5 views

SSL/TLS certificate validation unconditionally disabled by neuvector-vulnerability-scanner

neuvector-vulnerability-scanner 1.22 and earlier unconditionally disables SSL/TLS certificate and hostname validation when connecting to a configured NeuVector Vulnerability Scanner server. As of publication of this advisory, there is no fix. Learn why we announce this...

5.9CVSS5.9AI score0.00322EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/03/21 12:0 a.m.•6 views

Incorrect permission checks in role-strategy

Permissions in Jenkins can be enabled and disabled. Some permissions are disabled by default, e.g., Overall/Manage or Item/Extended Read. Disabled permissions cannot be granted directly, only through greater permissions that imply them e.g., Overall/Administer or Item/Configure. role-strategy...

9.8CVSS8.2AI score0.00828EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/03/21 12:0 a.m.•6 views

Stored XSS vulnerability in jacoco

jacoco 3.3.2 and earlier does not escape class and method names shown on the UI. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control input files for the 'Record JaCoCo coverage report' post-build action. jacoco 3.3.2.1 escapes class and method...

8CVSS5.3AI score0.0056EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/03/21 12:0 a.m.•5 views

Missing permission check in octoperf

octoperf 4.5.1 and earlier does not perform a permission check in a connection test HTTP endpoint. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in...

7.1CVSS6.4AI score0.00509EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/03/21 12:0 a.m.•8 views

Command injection vulnerability in convert-to-pipeline results in RCE

convert-to-pipeline 1.0 and earlier uses basic string concatenation to convert Freestyle projects' Build Environment, Build Steps, and Post-build Actions to the equivalent Pipeline step invocations. This allows attackers able to configure Freestyle projects to prepare a crafted configuration that...

9.8CVSS7.3AI score0.00779EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/03/21 12:0 a.m.•5 views

XXE vulnerability in crap4j

crap4j 0.9 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control Crap Report file contents to have Jenkins parse a crafted XML document that uses external entities for extraction of secrets from the Jenkins controller or...

7.5CVSS7.3AI score0.00766EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/03/21 12:0 a.m.•6 views

XXE vulnerability in vs-code-metrics

vs-code-metrics 1.7 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control VS Code Metrics File contents to have Jenkins parse a crafted XML document that uses external entities for extraction of secrets from the Jenkins...

8.2CVSS7.9AI score0.00569EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/03/21 12:0 a.m.•7 views

XXE vulnerability in perfpublisher

perfpublisher 8.09 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control PerfPublisher report files to have Jenkins parse a crafted XML document that uses external entities for extraction of secrets from the Jenkins...

8.2CVSS7.8AI score0.00569EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/03/21 12:0 a.m.•5 views

XXE vulnerability in phabricator-plugin

phabricator-plugin 2.1.5 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control coverage report file contents for the 'Post to Phabricator' post-build action to have Jenkins parse a crafted XML document that uses external...

8.2CVSS7.8AI score0.00569EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/03/21 12:0 a.m.•4 views

XXE vulnerability in remote-jobs-view-plugin

remote-jobs-view-plugin 0.0.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows authenticated attackers with Overall/Read permission to have Jenkins parse a crafted XML document that uses external entities for extraction of secrets from the...

7.1CVSS6.5AI score0.00715EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/03/21 12:0 a.m.•5 views

XXE vulnerability in absint-a3

absint-a3 1.1.0 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control 'Project File APX' contents to have Jenkins parse a crafted XML document that uses external entities for extraction of secrets from the Jenkins controlle...

7.1CVSS7.2AI score0.00602EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/03/21 12:0 a.m.•5 views

Stored XSS vulnerability in pipeline-aggregator-view

pipeline-aggregator-view 1.13 and earlier does not escape a variable representing the current view's URL in inline JavaScript. This results in a stored cross-site scripting XSS vulnerability exploitable by authenticated attackers with Overall/Read permission. pipeline-aggregator-view 1.14 obtains...

8CVSS5.3AI score0.00456EPSS
Exploits0Affected Software1
Total number of security vulnerabilities1464