RadarGun Plugin 1.7 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types. This results in a remote code execution vulnerability exploitable by users able to configure RadarGun Plugin’s build step.
RadarGun Plug…
[org.jenkins-ci.plugins:brakeman] Stored XSS vulnerability in Jenkins brakeman Plugin
brakeman Plugin 0.12 and earlier did not escape values received from parsed JSON files when rendering them, resulting in a stored cross-site scripting vulnerability.
This vulnerability can be exploited by users able to control the Brakeman post-build s…
[org.jenkins-ci.plugins:google-kubernetes-engine] RCE vulnerability in Google Kubernetes Engine Plugin
Google Kubernetes Engine Plugin 0.8.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types. This results in a remote code execution vulnerability exploitable by users able to provide YAML input files to Google …
[org.jenkins-ci.plugins:fitnesse] XXE vulnerability in FitNesse Plugin
FitNesse Plugin 1.30 and earlier does not configure the XML parser to prevent XML external entity (XXE) attacks.
This allows a user able to control the input files for its post-build step to have Jenkins parse a crafted file that uses external entities…
[com.moded.extendedchoiceparameter:dynamic_extended_choice_parameter] Password stored in plain text by Dynamic Extended Choice Parameter Plugin
Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system.
Reference…
[com.dubture.jenkins:digitalocean-plugin] Token stored in plain text by DigitalOcean Plugin
Jenkins DigitalOcean Plugin 1.1 and earlier stores a token unencrypted in the global config.xml file on the Jenkins master where it can be viewed by users with access to the master file system.
References
https://nvd.nist.gov/vuln/detail/CVE-2020-2126…
[RPD:bmc-rpd] Credential stored in plain text by BMC Release Package and Deployment Plugin
Jenkins BMC Release Package and Deployment Plugin 1.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. As of publication of this a…
[com.parasoft:environment-manager] Password stored in plain text by Parasoft Environment Manager Plugin
Jenkins Parasoft Environment Manager Plugin 2.14 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system.
References
htt…
[com.catalogic.ecxjenkins:catalogic-ecx] Password stored in plain text by ECX Copy Data Management Plugin
Jenkins ECX Copy Data Management Plugin 1.9 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system.
References
https://…
[org.jenkins-ci.plugins:pipeline-githubnotify-step] CSRF vulnerability in Pipeline GitHub Notify Step Plugin allows capturing credentials
A cross-site request forgery vulnerability in Jenkins Pipeline GitHub Notify Step Plugin 1.0.4 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing cred…