Timestamper Plugin 1.11.1 and earlier does not escape or sanitize the HTML formatting used to display the timestamps in console output for builds.
This results in a stored cross-site scripting vulnerability that can be exploited by users with Overall/A…
[org.jenkins-ci.plugins:script-security] Sandbox bypass vulnerability in Script Security Plugin
Sandbox protection in Script Security Plugin 1.70 and earlier can be circumvented through:\n- Crafted constructor calls and bodies (due to an incomplete fix of SECURITY-582)
Crafted method calls on objects that implement GroovyInterceptable
This allo…
[org.jenkins-ci.plugins:harvest] Passwords stored in plain text by Harvest SCM Plugin
Harvest SCM Plugin 0.5.1 and earlier stores SCM passwords unencrypted in its global configuration file hudson.plugins.harvest.HarvestSCM.xml and in job config.xml files on the Jenkins controller. These credentials can be viewed by users with Extended R…
[org.jenkins-ci.plugins:harvest] Passwords stored in plain text by Harvest SCM Plugin
Jenkins Harvest SCM Plugin 0.5.1 and earlier stores passwords unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.
References
https://nvd.nist.g…
[com.applatix.jenkins:applatix] Password stored in plain text by Applatix Plugin
Jenkins Applatix Plugin 1.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system.
References
https://nvd.nist.gov/vul…
[ru.yandex.jenkins.plugins.debuilder:debian-package-builder] Credentials stored in plain text by debian-package-builder Plugin
debian-package-builder Plugin 1.6.11 and earlier stores a GPG passphrase unencrypted in its global configuration file ru.yandex.jenkins.plugins.debuilder.DebianPackageBuilder.xml on the Jenkins controller. This credential can be viewed by users with ac…
[org.jenkins-ci.plugins:radargun] RCE vulnerability in RadarGun Plugin
RadarGun Plugin 1.7 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types. This results in a remote code execution vulnerability exploitable by users able to configure RadarGun Plugin’s build step.
RadarGun Plug…
[org.jenkins-ci.plugins:brakeman] Stored XSS vulnerability in Jenkins brakeman Plugin
brakeman Plugin 0.12 and earlier did not escape values received from parsed JSON files when rendering them, resulting in a stored cross-site scripting vulnerability.
This vulnerability can be exploited by users able to control the Brakeman post-build s…
[org.jenkins-ci.plugins:google-kubernetes-engine] RCE vulnerability in Google Kubernetes Engine Plugin
Google Kubernetes Engine Plugin 0.8.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types. This results in a remote code execution vulnerability exploitable by users able to provide YAML input files to Google …
[org.jenkins-ci.plugins:fitnesse] XXE vulnerability in FitNesse Plugin
FitNesse Plugin 1.30 and earlier does not configure the XML parser to prevent XML external entity (XXE) attacks.
This allows a user able to control the input files for its post-build step to have Jenkins parse a crafted file that uses external entities…