Valgrind Plugin 0.28 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
This allows a user able to control the input files for the Valgrind plugin parser to have Jenkins parse a crafted file that uses external e…
[linux-cmdline] linux-cmdline is vulnerable to Prototype Pollution via the constructor
The package linux-cmdline is a parser for Linux kernel command line arguments. Versions before 1.0.1 are vulnerable to Prototype Pollution via the constructor.
References
https://nvd.nist.gov/vuln/detail/CVE-2020-7704
https://github.com/piranna/linux-…
[org.jenkins-ci.plugins:flaky-test-handler] CSRF vulnerability in Jenkins Flaky Test Handler Plugin
Flaky Test Handler Plugin 1.0.4 and earlier does not require POST requests for the “Deflake this build” feature, resulting in a cross-site request forgery (CSRF) vulnerability.
This vulnerability allows attackers to rebuild a project at a previous git …
[org.jenkins-ci.plugins:pipeline-maven] CSRF vulnerability in Jenkins Pipeline Maven Integration Plugin allow capturing credentials
Pipeline Maven Integration Plugin 3.8.2 and earlier does not perform a permission check in a method implementing form validation.
This allows users with Overall/Read access to Jenkins to connect to an attacker-specified JDBC URL using attacker-specifie…
[org.jenkins-ci.main:jenkins-core] Improper Neutralization of Input During Web Page Generation in Jenkins
Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the remote address of the host starting a build via ‘Trigger builds remotely’, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by users with Job/Configure per…
[com.axis.system.jenkins.plugins.downstream:yet-another-build-visualizer] Stored XSS vulnerability in Jenkins Yet Another Build Visualizer Plugin
Yet Another Build Visualizer Plugin 1.11 and earlier does not escape tooltip content.
This results in a stored cross-site scripting (XSS) vulnerability exploitable by users with Run/Update permission.
Yet Another Build Visualizer Plugin 1.12 escapes to…
[org.jenkins-ci.plugins:pipeline-maven] Missing permission check in Jenkins Pipeline Maven Integration Plugin allow capturing credentials
Pipeline Maven Integration Plugin 3.8.2 and earlier does not perform a permission check in a method implementing form validation.
This allows users with Overall/Read access to Jenkins to connect to an attacker-specified JDBC URL using attacker-specifie…
[org.jenkins-ci.plugins:pipeline-maven] Missing permission check in Jenkins Pipeline Maven Integration Plugin allows enumerating credentials IDs
Pipeline Maven Integration Plugin 3.8.2 and earlier does not perform a permission check in an HTTP endpoint.
This allows attackers with Overall/Read access to Jenkins to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as p…
[org.jenkins-ci.plugins:email-ext] Jenkins Email Extension Plugin SMTP password transmitted and displayed in plain text
Email Extension Plugin stores an SMTP password in its global configuration file hudson.plugins.emailext.ExtendedEmailPublisher.xml on the Jenkins controller as part of its configuration.
While this password is stored encrypted on disk, it is transmitte…
[org.jenkins-ci.plugins:deployer-framework] Stored XSS vulnerability in Jenkins Deployer Framework Plugin
Deployer Framework Plugin is a framework plugin allowing other plugins to provide a way to deploy artifacts. Deployer Framework Plugin 1.2 and earlier does not escape the URL displayed in the build home page. This results in a stored cross-site scripti…