ReadyAPI Functional Testing Plugin 1.3 and earlier stores project passwords unencrypted in job config.xml files as part of its configuration. These project passwords can be viewed by attackers with Extended Read permission or access to the Jenkins cont…
[org.jenkins-ci.plugins:valgrind] Stored XSS vulnerability in Jenkins Valgrind Plugin
Jenkins Valgrind Plugin 0.28 and earlier does not escape content in Valgrind XML reports, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control Valgrind XML report contents.
References
https://nvd.nist…
[org.jenkins-ci.tools:git-parameter] Stored XSS vulnerability in Jenkins Git Parameter Plugin
Jenkins Git Parameter Plugin 0.9.12 and earlier does not escape the repository field on the ‘Build with Parameters’ page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.
Git Paramet…
[org.jenkins-ci.plugins:Parameterized-Remote-Trigger] Secret stored in plain text by Jenkins Parameterized Remote Trigger Plugin
Parameterized Remote Trigger Plugin 3.1.3 and earlier stores a secret unencrypted in its global configuration file org.jenkinsci.plugins.ParameterizedRemoteTrigger.RemoteBuildConfiguration.xml on the Jenkins controller as part of its configuration. Thi…
[org.jenkins-ci.plugins:database] CSRF vulnerability in Jenkins Database Plugin
Database Plugin 1.6 and earlier does not require POST requests for the database console, resulting in a cross-site request forgery (CSRF) vulnerability.
This vulnerability allows attackers to execute arbitrary SQL scripts.
Database Plugin 1.7 removes t…
[org.jenkins-ci.plugins:database] CSRF vulnerability in Jenkins Database Plugin
A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to connect to an attacker-specified database server using attacker-specified credentials.
Database Plugin 1.7 requires POST requests for the a…
[org.jenkins-ci.plugins:database] Missing permission checks in Jenkins Database Plugin
A missing permission check in Jenkins database Plugin 1.6 and earlier allows attackers with Overall/Read access to Jenkins to connect to an attacker-specified database server using attacker-specified credentials.
Database Plugin 1.7 requires Overall/Ad…
[org.jenkins-ci.plugins:tfs] Credentials stored in plain text by Jenkins tfs Plugin
tfs Plugin 5.157.1 and earlier stores a webhook secret unencrypted in its global configuration file hudson.plugins.tfs.TeamPluginGlobalConfig.xml on the Jenkins controller as part of its configuration. This secret can be viewed by attackers with access…
[org.jenkins-ci.plugins:valgrind] XXE vulnerability in Jenkins Valgrind Plugin
Valgrind Plugin 0.28 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
This allows a user able to control the input files for the Valgrind plugin parser to have Jenkins parse a crafted file that uses external e…
[linux-cmdline] linux-cmdline is vulnerable to Prototype Pollution via the constructor
The package linux-cmdline is a parser for Linux kernel command line arguments. Versions before 1.0.1 are vulnerable to Prototype Pollution via the constructor.
References
https://nvd.nist.gov/vuln/detail/CVE-2020-7704
https://github.com/piranna/linux-…