Active Directory Plugin 2.19 and earlier does not perform a permission check in an HTTP endpoint.
This allows attackers with Overall/Read permission to access the domain health check diagnostic page.
Active Directory Plugin 2.20 requires Overall/Admini…
[org.jenkins-ci.plugins:active-directory] CSRF vulnerability in Jenkins Active Directory Plugin
Active Directory Plugin 2.19 and earlier does not require POST requests for multiple HTTP endpoints implementing connection and authentication tests, resulting in cross-site request forgery (CSRF) vulnerabilities.
This vulnerability allows attackers to…
[org.jenkins-ci.plugins:nerrvana-plugin] XXE vulnerability in Jenkins Nerrvana Plugin
Nerrvana Plugin 1.02.06 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
This allows attackers with Overall/Read permission to have Jenkins parse a crafted HTTP request with XML data that uses external entitie…
[com.hoiio.jenkins:sms] Access token stored in plain text by Jenkins SMS Notification Plugin
SMS Notification Plugin 1.2 and earlier stores an access token unencrypted in its global configuration file com.hoiio.jenkins.plugin.SMSNotification.xml on the Jenkins controller as part of its configuration.
This access token can be viewed by users wi…
[com.barchart.jenkins:maven-release-cascade] CSRF vulnerability in Jenkins Maven Cascade Release Plugin
A cross-site request forgery (CSRF) vulnerability in Jenkins Maven Cascade Release Plugin 1.3.2 and earlier allows attackers to start cascade builds and layout builds, and reconfigure the plugin.
References
https://nvd.nist.gov/vuln/detail/CVE-2020-22…
[com.barchart.jenkins:maven-release-cascade] Missing permission checks in Jenkins Maven Cascade Release Plugin
Jenkins Maven Cascade Release Plugin 1.3.2 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to start cascade builds and layout builds, and reconfigure the plugin.
References
http…
[org.jenkins-ci.plugins:persona] Arbitrary file read vulnerability in Jenkins Persona Plugin
Jenkins Persona Plugin 2.4 and earlier allows users with Overall/Read permission to read arbitrary files on the Jenkins controller.
References
https://nvd.nist.gov/vuln/detail/CVE-2020-2293
https://www.jenkins.io/security/advisory/2020-10-08/#SECURITY…
[org.jenkins-ci.plugins:shared-objects] CSRF vulnerability in Jenkins Shared Objects Plugin
A cross-site request forgery (CSRF) vulnerability in Jenkins Shared Objects Plugin 0.44 and earlier allows attackers to configure shared objects.
References
https://nvd.nist.gov/vuln/detail/CVE-2020-2296
https://www.jenkins.io/security/advisory/2020-1…
[org.jenkins-ci.plugins:release] Stored XSS vulnerability in Jenkins Release Plugin
Jenkins Release Plugin 2.10.2 and earlier does not escape the release version in badge tooltip, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Release/Release permission.
References
https://nvd.nist.gov/vu…
[org.jenkins-ci.plugins:couchdb-statistics] Password stored in plain text by Jenkins couchdb-statistics Plugin
couchdb-statistics Plugin 0.3 and earlier stores its server password unencrypted in its global configuration file org.jenkinsci.plugins.couchstats.CouchStatsConfig.xml on the Jenkins controller as part of its configuration.
This password can be viewed …