An exposure of sensitive information vulnerability exists in Jenkins meliora-testlab Plugin 1.14 and earlier in TestlabNotifier.java that allows attackers with file system access to the Jenkins master to obtain the API key stored in this plugin’s confi…
[org.jenkins-ci.plugins:collabnet] Jenkins CollabNet Plugin man in the middle vulnerability
A man in the middle vulnerability exists in Jenkins CollabNet Plugin 2.0.4 and earlier in CollabNetApp.java, CollabNetPlugin.java, CNFormFieldValidator.java that allows attackers to impersonate any service that Jenkins connects to. CollabNet Plugin 2.0…
[fat_free_crm] Fat Free CRM Cross-Site Request Forgery vulnerability
Fat Free CRM before 0.13.6 allows remote attackers to conduct cross-site request forgery (CSRF) attacks via a request without the authenticity_token, as demonstrated by a crafted HTML page that creates a new administrator account.
References
https://n…
[cakephp/cakephp] CakePHP might allow remote attackers to bypass CSRF protection mechanism via the _method parameter
CakePHP 2.x and 3.x before 3.1.5 might allow remote attackers to bypass the CSRF protection mechanism via the _method parameter.
References
https://nvd.nist.gov/vuln/detail/CVE-2015-8379
https://github.com/cakephp/cakephp/commit/0f818a23a876c01429196b…
[org.jenkins-ci.plugins:resource-disposer] Jenkins Resource Disposer Plugin allows attacker to stop tracking specified resource
A data modification vulnerability exists in Jenkins Resource Disposer Plugin 0.11 and earlier in AsyncResourceDisposer.java that allows attackers to stop tracking a specified resource. Additionally, this API endpoint did not require POST requests, resu…
[spree] Spree allows remote attackers to obtain sensitive information
Spree 0.11.x before 0.11.2 and 0.30.x before 0.30.0 exchanges data using JavaScript Object Notation (JSON) without a mechanism for validating requests, which allows remote attackers to obtain sensitive information via vectors involving (1) admin/produc…
[org.jenkins-ci.plugins:publish-over-cifs] Jenkins Publisher Over CIFS Plugin confused deputy vulnerability
A confused deputy vulnerability exists in Jenkins Publisher Over CIFS Plugin 0.10 and earlier in CifsPublisherPluginDescriptor.java that allows attackers to have Jenkins connect to an attacker specified CIFS server with attacker specified credentials. …
[cakephp/cakephp] CakePHP allows remote attackers to spoof their IP
The clientIp function in CakePHP 3.2.4 and earlier allows remote attackers to spoof their IP via the CLIENT-IP HTTP header.
References
https://nvd.nist.gov/vuln/detail/CVE-2016-4793
https://bakery.cakephp.org/2016/03/13/cakephp_2613_2711_282_3017_3112…
[org.jenkins-ci.plugins:saltstack] Jenkins SaltStack Plugin allows attackers to capture credentials with a known credentials ID stored in Jenkins
An exposure of sensitive information vulnerability exists in Jenkins SaltStack Plugin 3.1.6 and earlier in SaltAPIBuilder.java, SaltAPIStep.java. SaltStack Plugin did not perform permission checks on methods implementing form validation. This allowed u…
[curl] curl FTP path confusion leads to NIL byte out of bounds write
curl can be coerced into writing a zero byte out of bounds.
This bug can trigger when curl is told to work on an FTP URL, with the setting to only issue a single CWD command (–ftp-method singlecwd or the libcurl alternative CURLOPT_FTP_FILEMETHOD).
cu…