TechMedia

Author

wpmaster


[com.redgate.plugins.redgatesqlci:redgate-sql-ci] Redgate SQL Change Automation Plugin stored credentials in plain text

  • Posted in MODERATE
  • Posted by Wpmaster
  • 05/25/2022 12/22/2022

Redgate SQL Change Automation Plugin 2.0.4 and earlier stores a NuGet API key unencrypted in job config.xml files as part of its configuration. This credential could be viewed by users with Extended Read permission or access to the Jenkins controller f…

[org.jenkins-ci.ruby-plugins:gitlab-hook] Reflected XSS vulnerability in Jenkins gitlab-hook Plugin

  • Posted in MODERATE
  • Posted by Wpmaster
  • 05/25/2022 12/22/2022

Jenkins Gitlab Hook Plugin 1.4.2 and earlier does not escape project names in the build_now endpoint, resulting in a reflected XSS vulnerability.
References

https://nvd.nist.gov/vuln/detail/CVE-2020-2096
https://jenkins.io/security/advisory/2020-01-15…

[org.jenkins-ci.plugins:sounds] CSRF vulnerability in Jenkins Sounds Plugin allows OS command execution

  • Posted in HIGH
  • Posted by Wpmaster
  • 05/25/2022 12/22/2022

A cross-site request forgery vulnerability in Jenkins Sounds Plugin 0.5 and earlier allows attackers to execute arbitrary OS commands as the OS user account running Jenkins.
References

https://nvd.nist.gov/vuln/detail/CVE-2020-2098
https://jenkins.io/s…

[org.jenkins-ci.plugins:ec2] CSRF vulnerability in Jenkins Amazon EC2 Plugin

  • Posted in LOW
  • Posted by Wpmaster
  • 05/25/2022 12/30/2022

Amazon EC2 Plugin 1.47 and earlier does not perform permission checks in methods performing form validation. This allows users with Overall/Read access to Jenkins to connect to an attacker-specified URL within the AWS region using attacker-specified cr…

[org.jenkins-ci.plugins:cloudbees-jenkins-advisor] CSRF vulnerability in Health Advisor by CloudBees Plugin

  • Posted in MODERATE
  • Posted by Wpmaster
  • 05/25/2022 12/22/2022

Health Advisor by CloudBees Plugin 3.0 and earlier does not perform permission checks in methods performing form validation. This allows users with Overall/Read access to send an email with fixed content to an attacker-specified recipient.
Additionally…

[org.jenkins-ci.plugins:ec2] Missing permission checks in Jenkins Amazon EC2 Plugin

  • Posted in MODERATE
  • Posted by Wpmaster
  • 05/25/2022 12/22/2022

Amazon EC2 Plugin 1.47 and earlier does not perform permission checks in methods performing form validation. This allows users with Overall/Read access to Jenkins to connect to an attacker-specified URL within the AWS region using attacker-specified cr…

[org.springframework:spring-web] Pivotal Spring Framework contains unsafe Java deserialization methods

  • Posted in MODERATE
  • Posted by Wpmaster
  • 05/25/2022 12/10/2022

Pivotal Spring Framework before 6.0.0 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. Depending on how the library is implemented within a product, this issue may or may not occur, and authenti…

[katello] Katello cleartext password storage issue

  • Posted in LOW
  • Posted by Wpmaster
  • 05/25/2022 10/20/2022

A cleartext password storage issue was discovered in Katello, versions 3.x.x.x before katello 3.12.2. Registry credentials used during container image discovery were inadvertently logged without being masked. This flaw could expose the registry credent…

[org.jenkins-ci.plugins:google-compute-engine] Jenkins Google Compute Engine Plugin does not verify SSH host keys when connecting agents created by the plugin

  • Posted in MODERATE
  • Posted by Wpmaster
  • 05/25/2022 12/07/2022

Jenkins Google Compute Engine Plugin 4.1.1 and earlier does not verify SSH host keys when connecting agents created by the plugin, enabling man-in-the-middle attacks. Google Compute Engine Plugin 4.2.0 verifies SSH host keys before executing any comman…

[org.jenkins-ci.plugins:google-compute-engine] Jenkins Google Compute Engine Plugin Cross-Site Request Forgery vulnerability

  • Posted in MODERATE
  • Posted by Wpmaster
  • 05/25/2022 12/07/2022

A cross-site request forgery vulnerability in Jenkins Google Compute Engine Plugin 4.1.1 and earlier in ComputeEngineCloud#doProvision could be used to provision new agents. Google Compute Engine Plugin 4.2.0 requires POST requests for this API endpoin…
