[org.jenkins-ci.plugins.workflow:workflow-cps] Sandbox bypass vulnerabilities in Jenkins Script Security Plugin and in Pipeline: Groovy Plugin
Script Security Plugin provides a sandbox feature that allows low privileged users to define scripts, including Pipelines, that are generally safe to execute. Calls to code defined inside a sandboxed script are intercepted, and various allowlists are c…
[io.jenkins.plugins:pipeline-groovy-lib] Sandbox bypass vulnerability in Jenkins Pipeline: Groovy Libraries Plugin and Pipeline: Deprecated Groovy Libraries Plugin
Pipeline: Groovy Libraries Plugin and older releases of the Pipeline: Deprecated Groovy Libraries Plugin (formerly Pipeline: Shared Groovy Libraries Plugin) define the library Pipeline step, which allows Pipeline authors to dynamically load Pipeline li…
[io.jenkins.plugins:neuvector-vulnerability-scanner] Content-Security-Policy protection for user content disabled by Jenkins NeuVector Vulnerability Scanner Plugin
Jenkins sets the Content-Security-Policy header on static files served by Jenkins (specifically by DirectoryBrowserSupport), such as workspaces, /userContent, or archived artifacts, unless a Resource Root URL is specified.
NeuVector Vulnerability Scanner …
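A quick way to confirm whether that protection is still in place on a given controller is to fetch a workspace or artifact file and inspect the response headers. The shell function below is an added example, not part of the advisory or the NeuVector plugin; it parses a captured header block and reports whether a Content-Security-Policy with a sandbox directive is present. The default value shown for JENKINS_DEFAULT_CSP is the one DirectoryBrowserSupport applies when the hudson.model.DirectoryBrowserSupport.CSP property is not overridden; the sample responses and the host name in the usage comment are constructed.

```shell
#!/bin/sh
# Added example (not from the Jenkins advisory): check whether a captured HTTP
# response for a Jenkins-served static file still carries the restrictive
# Content-Security-Policy that DirectoryBrowserSupport sets by default.
# Usage against a live server (placeholder host):
#   csp_check "$(curl -sI https://jenkins.example/job/demo/ws/index.html)"

# Jenkins' default CSP for DirectoryBrowserSupport, normally set via the
# hudson.model.DirectoryBrowserSupport.CSP system property.
JENKINS_DEFAULT_CSP="sandbox; default-src 'none'; img-src 'self'; style-src 'self';"

# csp_check HEADERS
# Returns 0 when the headers carry a CSP containing a sandbox directive,
# 1 when the header is absent or lacks sandbox (i.e. a plugin or an admin
# has weakened or cleared it).
csp_check() {
    headers="$1"
    csp=$(printf '%s\n' "$headers" | tr -d '\r' \
        | grep -i '^content-security-policy:' | head -n1 \
        | cut -d: -f2- | sed 's/^ *//')
    if [ -z "$csp" ]; then
        echo "MISSING: no Content-Security-Policy header on this response"
        return 1
    fi
    case "$csp" in
        *sandbox*)
            if [ "$csp" = "$JENKINS_DEFAULT_CSP" ]; then
                echo "OK (Jenkins default): $csp"
            else
                echo "OK (custom, sandboxed): $csp"
            fi
            return 0 ;;
        *)
            echo "WEAK: CSP present but without sandbox: $csp"
            return 1 ;;
    esac
}

# Constructed sample responses (not captured from a real server)
GOOD_HEADERS="HTTP/1.1 200 OK
Content-Security-Policy: sandbox; default-src 'none'; img-src 'self'; style-src 'self';
Content-Type: text/html"

WEAK_HEADERS="HTTP/1.1 200 OK
Content-Security-Policy: default-src 'self'
Content-Type: text/html"

BAD_HEADERS="HTTP/1.1 200 OK
Content-Type: text/html"

# Stand-alone demonstration on the constructed samples
csp_check "$GOOD_HEADERS"
csp_check "$WEAK_HEADERS" || true
csp_check "$BAD_HEADERS" || true
```

Run it against a workspace or artifact URL rather than the Jenkins UI itself: the CSP in question is only applied to content served by DirectoryBrowserSupport, and a controller configured with a Resource Root URL serves that content from a different origin, where the header is intentionally not set.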
[backdrop/backdrop] Backdrop CMS Unrestricted File Upload vulnerability
Backdrop CMS 1.22.0 has an unrestricted file upload vulnerability via themes that allows attackers to achieve remote code execution.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-42092
https://grimthereaperteam.medium.com/backdrop-cms-1-22-0-unres…
[org.jenkins-ci.plugins:walti] Stored XSS vulnerability in Jenkins Walti plugin
Jenkins Walti Plugin 1.0.1 and earlier does not escape the information provided by the Walti API, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide malicious API responses from Walti.
References
ht…
[com.groupon.jenkins-ci.plugins:DotCi] Stored XSS vulnerability in Jenkins DotCi Plugin
DotCi Plugin 2.40.00 and earlier does not escape the GitHub user name parameter provided to commit notifications when displaying them in a build cause.
This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to s…
[org.jenkins-ci.main:jenkins-core] Jenkins vulnerable to stored cross-site scripting in the l:helpIcon component
Jenkins 2.367 through 2.369 (both inclusive) does not escape tooltips of the l:helpIcon UI component used for some help icons on the Jenkins web UI, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control…
[org.jenkins-ci.plugins:build-publisher] Jenkins build-publisher plugin vulnerable to cross-site request forgery
A cross-site request forgery (CSRF) vulnerability in Jenkins Build-Publisher Plugin 1.22 and earlier allows attackers to replace any config.xml file on the Jenkins controller file system with an empty file by providing a crafted file name to an API end…
[org.codehaus.jettison:jettison] Jettison memory exhaustion
Those using Jettison to parse untrusted XML or JSON data may be vulnerable to denial of service (DoS) attacks. If the parser is run on user-supplied input, an attacker may supply content that causes the parser to crash with an out-of-memory error. This effect…