A confused deputy vulnerability exists in Jenkins Publisher Over CIFS Plugin 0.10 and earlier in CifsPublisherPluginDescriptor.java that allows attackers to have Jenkins connect to an attacker specified CIFS server with attacker specified credentials. …
[cakephp/cakephp] CakePHP allows remote attackers to spoof their IP
The clientIp function in CakePHP 3.2.4 and earlier allows remote attackers to spoof their IP via the CLIENT-IP HTTP header.
References
https://nvd.nist.gov/vuln/detail/CVE-2016-4793
https://bakery.cakephp.org/2016/03/13/cakephp_2613_2711_282_3017_3112…
[org.jenkins-ci.plugins:saltstack] Jenkins SaltStack Plugin allows attackers to capture credentials with a known credentials ID stored in Jenkins
An exposure of sensitive information vulnerability exists in Jenkins SaltStack Plugin 3.1.6 and earlier in SaltAPIBuilder.java, SaltAPIStep.java. SaltStack Plugin did not perform permission checks on methods implementing form validation. This allowed u…
[curl] curl FTP path confusion leads to NIL byte out of bounds write
curl can be coerced into writing a zero byte out of bounds.
This bug can trigger when curl is told to work on an FTP URL, with the setting to only issue a single CWD command (–ftp-method singlecwd or the libcurl alternative CURLOPT_FTP_FILEMETHOD).
cu…
[authlogic] Authlogic Information Exposure vulnerability
The Authlogic gem for Ruby on Rails prior to version 3.3.0 makes potentially unsafe find_by_id method calls, which might allow remote attackers to conduct CVE-2012-6496 SQL injection attacks via a crafted parameter in environments that have a known sec…
[org.jenkins-ci.plugins:ssh-agent] Jenkins SSH Agent Plugin exposes SSH private key password to users with permission to read the build log
An exposure of sensitive information vulnerability exists in Jenkins SSH Agent Plugin 1.15 and earlier in SSHAgentStepExecution.java that exposes the SSH private key password to users with permission to read the build log. As of version 1.16, the plugi…
[asciidoctor] Asciidoctor Infinite Loop vulnerability
Asciidoctor in versions < 1.5.8 allows remote attackers to cause a denial of service (infinite loop). The loop was caused by the fact that Parser.next_block was not exhausting all the lines in the reader as the while loop expected it would. This was…
[org.jenkins-ci.plugins:zos-connector] Jenkins z/OS Connector Plugin allows local attacker to retrieve configured password
A exposure of sensitive information vulnerability exists in Jenkins z/OS Connector Plugin 1.2.6.1 and earlier in SCLMSCM.java that allows an attacker with local file system access or control of a Jenkins administrator’s web browser (e.g. malicious exte…
[org.jenkins-ci.plugins:vsphere-cloud] Jenkins vSphere Plugin incorrect authorization vulnerability
An improper authorization vulnerability exists in Jenkins vSphere Plugin 2.16 and older in Clone.java, CloudSelectorParameter.java, ConvertToTemplate.java, ConvertToVm.java, Delete.java, DeleteSnapshot.java, Deploy.java, ExposeGuestInfo.java, FolderVSp…
[org.jenkins-ci.plugins:subversion] Jenkins Subversion Plugin Incorrect Authorization vulnerability
An improper authorization vulnerability exists in Jenkins Subversion Plugin version 2.10.2 and earlier in SubversionStatus.java and SubversionRepositoryStatus.java that allows an attacker with network access to obtain a list of nodes and users. As of v…