MODERATE

.NET Core and Visual Studio Denial of Service Vulnerability due to a vulnerability which exists when creating HTTPS web request during X509 certificate chain building.
References

https://nvd.nist.gov/vuln/detail/CVE-2021-1721
https://portal.msrc.micro…

Due to a time-of-check to time-of-use (TOCTOU) race condition, the file browser for workspaces, archived artifacts, and $JENKINS_HOME/userContent/ follows symbolic links to locations outside the directory being browsed in Jenkins 2.275 and LTS 2.263.2….

Jenkins renders several different graphs for features like agent and label usage statistics, memory usage, or various plugin-provided statistics.
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not limit the graph size provided as query paramet…

Jenkins provides a feature for jobs to store and track fingerprints of files used during a build. Jenkins 2.274 and earlier, LTS 2.263.1 and earlier provides a REST API to check where a given fingerprint was used by which builds. This endpoint does not…

The file browser for workspaces, archived artifacts, and $JENKINS_HOME/userContent/ follows symbolic links to locations outside the directory being browsed in Jenkins 2.274 and earlier, LTS 2.263.1 and earlier.
This allows attackers with Job/Workspace …

Chaos Monkey Plugin 0.3 and earlier does not perform permission checks in several HTTP endpoints.
This allows attackers with Overall/Read permission to generate load and to generate memory leaks.
Chaos Monkey Plugin 0.4 requires Overall/Administer perm…

Chaos Monkey Plugin 0.4 and earlier does not perform permission checks in an HTTP endpoint.
This allows attackers with Overall/Read permission to access the Chaos Monkey page and to see the history of actions.
Chaos Monkey Plugin 0.4.1 requires Overall…

Jenkins Mail Commander Plugin for Jenkins-ci Plugin 1.0.0 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller fi…

AWS Global Configuration Plugin 1.5 and earlier does not perform a permission check in an HTTP endpoint processing form submissions.
This allows attackers with Overall/Read permission to replace the global AWS configuration.
AWS Global Configuration Pl…

Ansible Plugin 1.0 and earlier does not perform permission checks in methods implementing form validation.
This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an…