TechMedia – Page 81970

[io.jenkins.blueocean:blueocean] Path traversal vulnerability in Blue Ocean Plugin

Blue Ocean Plugin 1.23.2 and earlier provides an undocumented feature flag, blueocean.features.GIT_READ_SAVE_TYPE, that when set to the value clone allows an attacker with Item/Configure or Item/Create permission to read arbitrary files on the Jenkins …

[org.jenkins-ci.plugins:email-ext] Missing hostname validation in Email Extension Plugin

Email Extension Plugin 2.75 and earlier does not perform hostname validation when connecting to the configured SMTP server. This lack of validation could be abused using a man-in-the-middle attack to intercept these connections.
Email Extension Plugin …

[Microsoft.AspNetCore.Http] Cookie parsing failure

Posted inHIGH
Posted byWpmaster
05/25/202211/24/2022

A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being …

[org.jenkins-ci.plugins:vmanager-plugin] Stored XSS vulnerability in Jenkins Cadence vManager Plugin

Posted inHIGH
Posted byWpmaster
05/25/202212/21/2022

Jenkins Cadence vManager Plugin 3.0.4 and earlier does not escape build descriptions in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Run/Update permission.
Cadence vManager Plugin 3.0.5 removes …

[org.jenkins-ci.plugins:soapui-pro-functional-testing] Passwords transmitted in plain text by Jenkins ReadyAPI Functional Testing Plugin

ReadyAPI Functional Testing Plugin stores project passwords in job config.xml files on the Jenkins controller as part of its configuration.
While these passwords are stored encrypted on disk since ReadyAPI Functional Testing Plugin 1.4, they are transm…

[org.jenkins-ci.plugins:jsgames] Reflected XSS vulnerability in Jenkins JSGames Plugin

Posted inHIGH
Posted byWpmaster
05/25/202212/21/2022

Jenkins JSGames Plugin 0.2 and earlier evaluates part of a URL as code, resulting in a reflected cross-site scripting (XSS) vulnerability.
References

https://nvd.nist.gov/vuln/detail/CVE-2020-2248
https://jenkins.io/security/advisory/2020-09-01/#SECUR…

[com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer] XSS vulnerability in Jenkins Build Failure Analyzer Plugin

Posted inHIGH
Posted byWpmaster
05/25/202212/21/2022

Jenkins Build Failure Analyzer Plugin 1.27.0 and earlier does not escape matching text in a form validation response, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers able to provide console output for builds used to tes…

[org.jenkins-ci.plugins:klocwork] XXE vulnerability in Jenkins Klocwork Analysis Plugin

Posted inHIGH
Posted byWpmaster
05/25/202212/21/2022

Klocwork Analysis Plugin 2020.2.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
This allows a user able to control the input files for the Klocwork plugin parser to have Jenkins parse a crafted file that us…

[org.jenkins-ci.plugins:soapui-pro-functional-testing] Passwords stored in plain text by Jenkins ReadyAPI Functional Testing Plugin

ReadyAPI Functional Testing Plugin 1.3 and earlier stores project passwords unencrypted in job config.xml files as part of its configuration. These project passwords can be viewed by attackers with Extended Read permission or access to the Jenkins cont…

[org.jenkins-ci.plugins:valgrind] Stored XSS vulnerability in Jenkins Valgrind Plugin

Posted inHIGH
Posted byWpmaster
05/25/202212/29/2022

Jenkins Valgrind Plugin 0.28 and earlier does not escape content in Valgrind XML reports, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control Valgrind XML report contents.
References

https://nvd.nist…