AWS Global Configuration Plugin 1.5 and earlier does not perform a permission check in an HTTP endpoint processing form submissions.
This allows attackers with Overall/Read permission to replace the global AWS configuration.
AWS Global Configuration Pl…
[org.jenkins-ci.plugins:subversion] XXE vulnerability in Jenkins Subversion Plugin
Subversion Plugin 2.13.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
This allows attackers able to control an agent process to have Jenkins parse a crafted changelog file that uses external entities for e…
[org.jenkins-ci.plugins:active-directory] Missing permission check in Jenkins Active Directory Plugin allows accessing domain health check page
Active Directory Plugin 2.19 and earlier does not perform a permission check in an HTTP endpoint.
This allows attackers with Overall/Read permission to access the domain health check diagnostic page.
Active Directory Plugin 2.20 requires Overall/Admini…
[org.jenkins-ci.plugins:active-directory] CSRF vulnerability in Jenkins Active Directory Plugin
Active Directory Plugin 2.19 and earlier does not require POST requests for multiple HTTP endpoints implementing connection and authentication tests, resulting in cross-site request forgery (CSRF) vulnerabilities.
This vulnerability allows attackers to…
[org.jenkins-ci.plugins:nerrvana-plugin] XXE vulnerability in Jenkins Nerrvana Plugin
Nerrvana Plugin 1.02.06 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
This allows attackers with Overall/Read permission to have Jenkins parse a crafted HTTP request with XML data that uses external entitie…
[com.hoiio.jenkins:sms] Access token stored in plain text by Jenkins SMS Notification Plugin
SMS Notification Plugin 1.2 and earlier stores an access token unencrypted in its global configuration file com.hoiio.jenkins.plugin.SMSNotification.xml on the Jenkins controller as part of its configuration.
This access token can be viewed by users wi…
[com.barchart.jenkins:maven-release-cascade] CSRF vulnerability in Jenkins Maven Cascade Release Plugin
A cross-site request forgery (CSRF) vulnerability in Jenkins Maven Cascade Release Plugin 1.3.2 and earlier allows attackers to start cascade builds and layout builds, and reconfigure the plugin.
References
https://nvd.nist.gov/vuln/detail/CVE-2020-22…
[com.barchart.jenkins:maven-release-cascade] Missing permission checks in Jenkins Maven Cascade Release Plugin
Jenkins Maven Cascade Release Plugin 1.3.2 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to start cascade builds and layout builds, and reconfigure the plugin.
References
http…
[org.jenkins-ci.plugins:persona] Arbitrary file read vulnerability in Jenkins Persona Plugin
Jenkins Persona Plugin 2.4 and earlier allows users with Overall/Read permission to read arbitrary files on the Jenkins controller.
References
https://nvd.nist.gov/vuln/detail/CVE-2020-2293
https://www.jenkins.io/security/advisory/2020-10-08/#SECURITY…
[org.jenkins-ci.plugins:shared-objects] CSRF vulnerability in Jenkins Shared Objects Plugin
A cross-site request forgery (CSRF) vulnerability in Jenkins Shared Objects Plugin 0.44 and earlier allows attackers to configure shared objects.
References
https://nvd.nist.gov/vuln/detail/CVE-2020-2296
https://www.jenkins.io/security/advisory/2020-1…