Lucene search
K
JenkinsRecent

1464 matches found

Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/03/21 12:0 a.m.•6 views

XXE vulnerability in phabricator-plugin

phabricator-plugin 2.1.5 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control coverage report file contents for the 'Post to Phabricator' post-build action to have Jenkins parse a crafted XML document that uses external...

8.2CVSS7.8AI score0.00569EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/03/21 12:0 a.m.•7 views

XXE vulnerability in vs-code-metrics

vs-code-metrics 1.7 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control VS Code Metrics File contents to have Jenkins parse a crafted XML document that uses external entities for extraction of secrets from the Jenkins...

8.2CVSS7.9AI score0.00569EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/03/21 12:0 a.m.•6 views

XXE vulnerability in absint-a3

absint-a3 1.1.0 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control 'Project File APX' contents to have Jenkins parse a crafted XML document that uses external entities for extraction of secrets from the Jenkins controlle...

7.1CVSS7.2AI score0.00602EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/03/21 12:0 a.m.•9 views

Command injection vulnerability in convert-to-pipeline results in RCE

convert-to-pipeline 1.0 and earlier uses basic string concatenation to convert Freestyle projects' Build Environment, Build Steps, and Post-build Actions to the equivalent Pipeline step invocations. This allows attackers able to configure Freestyle projects to prepare a crafted configuration that...

9.8CVSS7.3AI score0.00779EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/03/21 12:0 a.m.•6 views

Missing permission check in octoperf

octoperf 4.5.1 and earlier does not perform a permission check in a connection test HTTP endpoint. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in...

7.1CVSS6.4AI score0.00509EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/03/21 12:0 a.m.•7 views

Stored XSS vulnerability in jacoco

jacoco 3.3.2 and earlier does not escape class and method names shown on the UI. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control input files for the 'Record JaCoCo coverage report' post-build action. jacoco 3.3.2.1 escapes class and method...

8CVSS5.3AI score0.0056EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/03/08 12:0 a.m.•6 views

XSS vulnerability in plugin manager

Jenkins 2.270 through 2.393 both inclusive, LTS 2.277.1 through 2.375.3 both inclusive does not escape the Jenkins version a plugin depends on when rendering the error message stating its incompatibility with the current version of Jenkins in the plugin manager. This results in a stored cross-sit...

9.6CVSS7.1AI score0.0184EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/03/08 12:0 a.m.•5 views

Temporary plugin file created with insecure permissions

Jenkins creates a temporary file when a plugin is uploaded from an administrator's computer. Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates this temporary file in the system temporary directory with the default permissions for newly created files. If these permissions are overly...

7CVSS7.6AI score0.00233EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/03/08 12:0 a.m.•4 views

DoS vulnerability in bundled Apache Commons FileUpload library

Jenkins 2.393 and earlier, LTS 2.375.3 and earlier is affected by the Apache Commons FileUpload library's vulnerability https://nvd.nist.gov/vuln/detail/CVE-2023-24998CVE-2023-24998. This library is used to process uploaded files via the Stapler web framework usually through StaplerRequestgetFile...

7.5CVSS6.5AI score0.46836EPSS
Exploits1Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/03/08 12:0 a.m.•4 views

Workspace temporary directories accessible through directory browser

Jenkins uses temporary directories adjacent to workspace directories, usually with the @tmp name suffix, to store temporary files related to the build. In pipelines, these temporary directories are adjacent to the current working directory when operating in a subdirectory of the automatically...

4.3CVSS5.7AI score0.00745EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/03/08 12:0 a.m.•5 views

Temporary file parameter created with insecure permissions

When triggering a build from the Jenkins CLI, Jenkins creates a temporary file on the controller if a file parameter is provided through the CLI's standard input. Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates this temporary file in the default temporary directory with the default...

4.4CVSS5.7AI score0.00244EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/03/08 12:0 a.m.•4 views

Information disclosure through error stack traces related to agents

Jenkins 2.393 and earlier, LTS 2.375.3 and earlier prints an error stack trace on agent-related pages when agent connections are broken. This stack trace may contain information about Jenkins configuration that is otherwise inaccessible to attackers. Jenkins 2.394, LTS 2.375.4, and LTS 2.387.1 do...

5.3CVSS6.2AI score0.00724EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/03/08 12:0 a.m.•4 views

XSS vulnerability in update-center2

https://github.com/jenkins-infra/update-center2/update-center2 is the tool used to generate the Jenkins update sites hosted on updates.jenkins.io. NOTE: While it is designed for use by the Jenkins project for this purpose, others may be using it to operate their own self-hosted update sites...

9.6CVSS6.8AI score0.01541EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/02/15 12:0 a.m.•5 views

Stored XSS vulnerability in junit

junit 1166.va436e268e972 and earlier does not escape test case class names in JavaScript expressions. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control test case class names in the JUnit resources processed by the plugin. junit...

8CVSS5.3AI score0.00699EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/02/15 12:0 a.m.•7 views

Stored XSS vulnerability in pipeline-build-step

pipeline-build-step 2.18 and earlier does not escape job names in a JavaScript expression used in the Pipeline Snippet Generator. This results in a stored cross-site scripting XSS vulnerability exploitable by attackers able to control job names. pipeline-build-step 2.18.1 escapes job names in the...

8CVSS5.3AI score0.814EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/02/15 12:0 a.m.•7 views

XSS vulnerability in bundled email templates in email-ext

email-ext bundled multiple preconfigured templates for notification emails. The Email Template Testing feature can be used to see what these and other templates would look like based on a given build. email-ext 2.93 and earlier does not escape various fields included in those email templates, lik...

8CVSS5.4AI score0.00602EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/02/15 12:0 a.m.•4 views

Stored XSS vulnerability in custom email templates in email-ext

email-ext allows defining custom email templates using https://plugins.jenkins.io/config-file-provider/Config File Provider plugin as Jelly or Groovy files. The Email Template Testing feature can be used to see what these templates would look like based on a given build by specifying the managed:...

8CVSS5.4AI score0.00602EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/02/15 12:0 a.m.•6 views

Script Security sandbox bypass vulnerability in email-ext

email-ext allows defining custom email templates using https://plugins.jenkins.io/config-file-provider/Config File Provider plugin as Jelly or Groovy files. When defined inside a https://plugins.jenkins.io/cloudbees-folder/folder, email templates need to be subject to Script Security protection...

9.9CVSS9AI score0.01095EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/02/15 12:0 a.m.•8 views

Missing permission checks in azure-credentials allow enumerating credentials IDs

azure-credentials 253.v887e0f9e898b and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using...

4.3CVSS5.1AI score0.00511EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/02/15 12:0 a.m.•5 views

CSRF vulnerability and missing permission checks in azure-credentials

azure-credentials 253.v887e0f9e898b and earlier does not perform permission checks in methods implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified web server. Additionally, these form validation methods do not require POST requests,...

8.8CVSS7.1AI score0.00639EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/02/15 12:0 a.m.•5 views

Missing permission checks in synopsys-coverity allow enumerating credentials IDs

synopsys-coverity 3.0.2 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another...

4.3CVSS5.1AI score0.00509EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/02/15 12:0 a.m.•5 views

CSRF vulnerability and missing permission checks in synopsys-coverity allow capturing credentials

synopsys-coverity 3.0.2 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stor...

7.1CVSS4.9AI score0.0052EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/02/09 12:0 a.m.•8 views

Git releases with critical vulnerabilities on Jenkins Docker images

The Jenkins project provides Docker images for both controllers and agents. Most of these Docker images include the git command line tool to interact with Git repositories. Git releases published before 2023-01-17 are affected by the vulnerabilities...

9.8CVSS9.1AI score0.56334EPSS
Exploits0
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•6 views

CSRF vulnerability and missing permission check in testquality-updater

testquality-updater 1.3 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified username and password. Additionally, this form validation method do...

8.8CVSS6.9AI score0.00723EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•84 views

XXE vulnerability on agents in semantic-versioning-plugin

semantic-versioning-plugin 1.14 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control the contents of the version file for the 'Determine Semantic Version' build step to have agent processes parse a crafted file that uses...

9.8CVSS8.6AI score0.0128EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•7 views

Sandbox bypass vulnerability in script-security

script-security provides a sandbox feature that allows low privileged users to define scripts, including Pipelines, that are generally safe to execute. Calls to code defined inside a sandboxed script are intercepted, and various allowlists are checked to determine whether the call is to be allowe...

8.8CVSS8.2AI score0.00585EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•4 views

CSRF vulnerability in gerrit-trigger

gerrit-trigger 2.38.0 and earlier does not require POST requests for several HTTP endpoints, resulting in a cross-site request forgery CSRF vulnerability. This vulnerability allows attackers to rebuild previous builds triggered by Gerrit. gerrit-trigger 2.38.1 requires POST requests for the...

6.5CVSS6.3AI score0.00487EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•5 views

Session fixation vulnerability in oic-auth

oic-auth 2.4 and earlier does not invalidate the existing session on login. This allows attackers to use social engineering techniques to gain administrator access to Jenkins. oic-auth 2.5 invalidates the existing session on login...

8.8CVSS7.9AI score0.0118EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•5 views

Exposure of system-scoped Kubernetes credentials in kubernetes-credentials-provider

kubernetes-credentials-provider 1.208.v128ee9800c04 and earlier does not set the appropriate context for Kubernetes credentials lookup, allowing the use of System-scoped credentials otherwise reserved for the global configuration. This allows attackers with Item/Configure permission to access and...

6.5CVSS6.4AI score0.00821EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•6 views

Session fixation vulnerability in azure-ad

azure-ad 303.va91ef20ee49f and earlier does not invalidate the existing session on login. This allows attackers to use social engineering techniques to gain administrator access to Jenkins. azure-ad 306.va7083923fd50 invalidates the existing session on login...

8.8CVSS7.9AI score0.01018EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•19 views

Session fixation vulnerability in bitbucket-oauth

bitbucket-oauth 0.12 and earlier does not invalidate the existing session on login. This allows attackers to use social engineering techniques to gain administrator access to Jenkins. bitbucket-oauth 0.13 invalidates the existing session on login...

9.8CVSS8.3AI score0.01062EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•4 views

CSRF vulnerability in bitbucket-oauth

bitbucket-oauth 0.12 and earlier does not implement a state parameter in its OAuth flow, a unique and non-guessable value associated with each authentication request. This vulnerability allows attackers to trick users into logging in to the attacker's account. bitbucket-oauth 0.13 implements a...

5.7CVSS5.9AI score0.00484EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•65 views

Agent-to-controller security bypass in semantic-versioning-plugin

semantic-versioning-plugin defines a controller/agent message that processes a given file as XML and its XML parser is not configured to prevent XML external entity XXE attacks. semantic-versioning-plugin 1.14 and earlier does not restrict execution of the controller/agent message to agents, and...

9.8CVSS8.5AI score0.01314EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•4 views

Missing permission checks in macstadium-orka allow enumerating credentials IDs

macstadium-orka 1.31 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another...

4.3CVSS5.1AI score0.00619EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•4 views

CSRF vulnerability and missing permission checks in macstadium-orka allow capturing credentials

macstadium-orka 1.31 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored ...

8.8CVSS7AI score0.00769EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•5 views

Missing permission check in ghprb allows enumerating credentials IDs

ghprb 1.42.2 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another vulnerability. As of...

4.3CVSS5.1AI score0.00661EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•7 views

CSRF vulnerability and missing permission checks in ghprb

ghprb 1.42.2 and earlier does not perform permission checks in methods implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in...

8.8CVSS6.9AI score0.00821EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•5 views

CSRF vulnerability and missing permission checks in jira-steps

jira-steps 2.0.165.v8846cf59f3db and earlier does not perform permission checks in methods implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing...

8.8CVSS6.9AI score0.00769EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•8 views

Keys stored in plain text by jira-steps

jira-steps 2.0.165.v8846cf59f3db and earlier stores the private key unencrypted in its global configuration file org.thoughtslive.jenkins.plugins.jira.JiraStepsConfig.xml on the Jenkins controller as part of its configuration. This key can be viewed by users with access to the Jenkins controller...

5.5CVSS5.6AI score0.00203EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•6 views

XXE vulnerability on agents in mstest

mstest 1.0.0 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control the contents of the report file for the 'Publish MSTest test result report' post-build step to have agent processes parse a crafted file that uses external...

9.8CVSS8.6AI score0.01215EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•8 views

Credentials stored in plain text by github-pr-coverage-status

github-pr-coverage-status 2.2.0 and earlier stores the GitHub Personal Access Token, Sonar access token and Sonar password unencrypted in its global configuration file com.github.terma.jenkins.githubprcoveragestatus.Configuration.xml on the Jenkins controller as part of its configuration. These...

5.5CVSS5.6AI score0.00229EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•5 views

Session fixation vulnerability in Keycloak Authentication

Keycloak Authentication 2.3.0 and earlier does not invalidate the existing session on login. This allows attackers to use social engineering techniques to gain administrator access to Jenkins. As of publication of this advisory, there is no fix. Learn why we announce this...

9.8CVSS8.3AI score0.01206EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•5 views

CSRF vulnerability in Keycloak Authentication

Keycloak Authentication 2.3.0 and earlier does not implement a state parameter in its OAuth flow, a unique and non-guessable value associated with each authentication request. This vulnerability allows attackers to trick users into logging in to the attacker's account. As of publication of this...

6.5CVSS6.4AI score0.01EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•5 views

XXE vulnerability in TestComplete

TestComplete 2.8.1 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control the zip archive input file for the 'TestComplete Test' build step to have Jenkins parse a crafted file that uses external entities for extraction of...

9.8CVSS8.4AI score0.01215EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•5 views

Session fixation vulnerability in openid

openid 2.4 and earlier does not invalidate the existing session on login. This allows attackers to use social engineering techniques to gain administrator access to Jenkins. As of publication of this advisory, there is no fix. Learn why we announce this...

9.8CVSS8.3AI score0.01149EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•5 views

Open redirect vulnerability in openid

openid 2.4 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins. This allows attackers to perform phishing attacks by having users go to a Jenkins URL that will forward them to a different site after successful authentication. As of publication of...

6.1CVSS6AI score0.00657EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•13 views

CSRF vulnerability in openid

openid 2.4 and earlier does not implement a state parameter in its OAuth flow, a unique and non-guessable value associated with each authentication request. This vulnerability allows attackers to trick users into logging in to the attacker's account. As of publication of this advisory, there is n...

8.8CVSS7.9AI score0.00556EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•5 views

CSRF vulnerability and missing permission check in rabbitmq-consumer

rabbitmq-consumer 2.8 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified AMQP server using attacker-specified username and password. Additionally, this form validation...

8.8CVSS6.9AI score0.00723EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•5 views

Path traversal vulnerability in pwauth

pwauth 0.4 and earlier does not restrict the names of files in methods implementing form validation. This allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system. As of publication of this advisory, there is...

4.3CVSS5.1AI score0.01201EPSS
Exploits0Affected Software1
Jenkins Security Advisories
Jenkins Security Advisories
•added 2023/01/24 12:0 a.m.•5 views

Passwords stored in plain text by view-cloner

view-cloner 1.1 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller as part of its configuration. These passwords can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system. As of publication of this advisory,...

6.5CVSS6.4AI score0.006EPSS
Exploits0Affected Software1
Total number of security vulnerabilities1464