RadarGun Plugin 1.7 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types. This results in a remote code execution vulnerability exploitable by users able to configure RadarGun Plugin’s build step.
RadarGun Plug…
[org.jenkins-ci.plugins:nunit] XXE vulnerability in NUnit Plugin
NUnit Plugin 0.25 and earlier does not configure the XML parser to prevent XML external entity (XXE) attacks.
This allows a user able to control the input files for its post-build step to have Jenkins parse a crafted file that uses external entities fo…
[org.jenkins-ci.plugins:pipeline-githubnotify-step] Missing permission checks in Pipeline GitHub Notify Step Plugin allows capturing credentials
A missing permission check in Jenkins Pipeline GitHub Notify Step Plugin 1.0.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, c…
[org.jenkins-ci.plugins:pipeline-githubnotify-step] CSRF vulnerability in Pipeline GitHub Notify Step Plugin allows capturing credentials
A cross-site request forgery vulnerability in Jenkins Pipeline GitHub Notify Step Plugin 1.0.4 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing cred…
[org.jenkins-ci.plugins:websphere-deployer] XXE vulnerability in Jenkins WebSphere Deployer Plugin
WebSphere Deployer Plugin 1.6.1 and earlier does not configure the XML parser to prevent XML external entity (XXE) attacks. This could be exploited by a user with Job/Configure permissions to upload a specially crafted war file containing a WEB-INF/ibm…
[org.jenkins-ci.main:jenkins-core] Inbound TCP Agent Protocol/3 authentication bypass in Jenkins
Jenkins 2.213 and earlier, LTS 2.204.1 and earlier includes support for the Inbound TCP Agent Protocol/3 for communication between controller and agents. While this protocol has been deprecated in 2018 and was recently removed from Jenkins in 2.214, it…
[org.jenkins-ci.plugins:robot] XXE vulnerability in Jenkins Robot Framework Plugin
Robot Framework Plugin 2.0.0 and earlier does not configure the XML parser to prevent XML external entity (XXE) attacks.
This allows a user able to control the input files for the ‘Publish Robot Framework’ post-build step to have Jenkins parse a crafte…
[org.jenkins-ci.plugins:sounds] Missing permission checks in Jenkins Sounds Plugin allow OS command execution
Jenkins Sounds Plugin 0.5 and earlier does not perform permission checks in URLs performing form validation, allowing attackers with Overall/Read access to execute arbitrary OS commands as the OS user account running Jenkins.
References
https://nvd.ni…
[org.jenkins-ci.plugins:sounds] CSRF vulnerability in Jenkins Sounds Plugin allows OS command execution
A cross-site request forgery vulnerability in Jenkins Sounds Plugin 0.5 and earlier allows attackers to execute arbitrary OS commands as the OS user account running Jenkins.
References
https://nvd.nist.gov/vuln/detail/CVE-2020-2098
https://jenkins.io/s…
[org.jenkins-ci.plugins:delphix] Jenkins Delphix Plugin vulnerable to Cleartext credential storage
Jenkins Delphix Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.
References
https://nvd.nist.gov/vuln/detail/CVE-2019-10453
https://je…