Robot Framework Plugin 2.0.0 and earlier does not configure the XML parser to prevent XML external entity (XXE) attacks.
This allows a user able to control the input files for the ‘Publish Robot Framework’ post-build step to have Jenkins parse a crafte…
[org.jenkins-ci.plugins:cloudbees-jenkins-advisor] Missing permission checks in Health Advisor by CloudBees Plugin
Health Advisor by CloudBees Plugin 3.0 and earlier does not perform permission checks in methods performing form validation. This allows users with Overall/Read access to send an email with fixed content to an attacker-specified recipient.
Additionally…
[com.redgate.plugins.redgatesqlci:redgate-sql-ci] Redgate SQL Change Automation Plugin stored credentials in plain text
Redgate SQL Change Automation Plugin 2.0.4 and earlier stores a NuGet API key unencrypted in job config.xml files as part of its configuration. This credential could be viewed by users with Extended Read permission or access to the Jenkins controller f…
[org.jenkins-ci.ruby-plugins:gitlab-hook] Reflected XSS vulnerability in Jenkins gitlab-hook Plugin
Jenkins Gitlab Hook Plugin 1.4.2 and earlier does not escape project names in the build_now endpoint, resulting in a reflected XSS vulnerability.
References
https://nvd.nist.gov/vuln/detail/CVE-2020-2096
https://jenkins.io/security/advisory/2020-01-15…
[org.jenkins-ci.plugins:sounds] CSRF vulnerability in Jenkins Sounds Plugin allows OS command execution
A cross-site request forgery vulnerability in Jenkins Sounds Plugin 0.5 and earlier allows attackers to execute arbitrary OS commands as the OS user account running Jenkins.
References
https://nvd.nist.gov/vuln/detail/CVE-2020-2098
https://jenkins.io/s…
[org.jenkins-ci.plugins:ec2] CSRF vulnerability in Jenkins Amazon EC2 Plugin
Amazon EC2 Plugin 1.47 and earlier does not perform permission checks in methods performing form validation. This allows users with Overall/Read access to Jenkins to connect to an attacker-specified URL within the AWS region using attacker-specified cr…
[org.jenkins-ci.plugins:cloudbees-jenkins-advisor] CSRF vulnerability in Health Advisor by CloudBees Plugin
Health Advisor by CloudBees Plugin 3.0 and earlier does not perform permission checks in methods performing form validation. This allows users with Overall/Read access to send an email with fixed content to an attacker-specified recipient.
Additionally…
[org.jenkins-ci.plugins:ec2] Missing permission checks in Jenkins Amazon EC2 Plugin
Amazon EC2 Plugin 1.47 and earlier does not perform permission checks in methods performing form validation. This allows users with Overall/Read access to Jenkins to connect to an attacker-specified URL within the AWS region using attacker-specified cr…
[org.springframework:spring-web] Pivotal Spring Framework contains unsafe Java deserialization methods
Pivotal Spring Framework before 6.0.0 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. Depending on how the library is implemented within a product, this issue may or may not occur, and authenti…
[katello] Katello cleartext password storage issue
A cleartext password storage issue was discovered in Katello, versions 3.x.x.x before katello 3.12.2. Registry credentials used during container image discovery were inadvertently logged without being masked. This flaw could expose the registry credent…