Filtered by vendor Jenkins
Subscriptions
Total
1606 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-1000096 | 2 Jenkins, Redhat | 2 Pipeline\, Openshift | 2024-08-05 | N/A |
Arbitrary code execution due to incomplete sandbox protection: Constructors, instance variable initializers, and instance initializers in Pipeline scripts were not subject to sandbox protection, and could therefore execute arbitrary code. This could be exploited e.g. by regular Jenkins users with the permission to configure Pipelines in Jenkins, or by trusted committers to repositories containing Jenkinsfiles. | ||||
CVE-2017-1000092 | 2 Jenkins, Redhat | 2 Git, Openshift | 2024-08-05 | N/A |
Git Plugin connects to a user-specified Git repository as part of form validation. An attacker with no direct access to Jenkins but able to guess at a username/password credentials ID could trick a developer with job configuration permissions into following a link with a maliciously crafted Jenkins URL which would result in the Jenkins Git client sending the username and password to an attacker-controlled server. | ||||
CVE-2017-1000088 | 1 Jenkins | 1 Sidebar Link | 2024-08-05 | N/A |
The Sidebar Link plugin allows users able to configure jobs, views, and agents to add entries to the sidebar of these objects. There was no input validation, which meant users were able to use javascript: schemes for these links. | ||||
CVE-2017-1000095 | 2 Jenkins, Redhat | 2 Script Security, Openshift | 2024-08-05 | N/A |
The default whitelist included the following unsafe entries: DefaultGroovyMethods.putAt(Object, String, Object); DefaultGroovyMethods.getAt(Object, String). These allowed circumventing many of the access restrictions implemented in the script sandbox by using e.g. currentBuild['rawBuild'] rather than currentBuild.rawBuild. Additionally, the following entries allowed accessing private data that would not be accessible otherwise due to script security: groovy.json.JsonOutput.toJson(Closure); groovy.json.JsonOutput.toJson(Object). | ||||
CVE-2017-1000090 | 1 Jenkins | 1 Role-based Authorization Strategy | 2024-08-05 | N/A |
Role-based Authorization Strategy Plugin was not requiring requests to its API be sent via POST, thereby opening itself to Cross-Site Request Forgery attacks. This allowed attackers to add administrator role to any user, or to remove the authorization configuration, preventing legitimate access to Jenkins. | ||||
CVE-2017-1000086 | 1 Jenkins | 1 Periodic Backup | 2024-08-05 | N/A |
The Periodic Backup Plugin did not perform any permission checks, allowing any user with Overall/Read access to change its settings, trigger backups, restore backups, download backups, and also delete all previous backups via log rotation. Additionally, the plugin was not requiring requests to its API be sent via POST, thereby opening itself to Cross-Site Request Forgery attacks. | ||||
CVE-2017-1000094 | 1 Jenkins | 1 Docker Commons | 2024-08-05 | N/A |
Docker Commons Plugin provides a list of applicable credential IDs to allow users configuring a job to select the one they'd like to use to authenticate with a Docker Registry. This functionality did not check permissions, allowing any user with Overall/Read permission to get a list of valid credentials IDs. Those could be used as part of an attack to capture the credentials using another vulnerability. | ||||
CVE-2017-1000084 | 1 Jenkins | 1 Parameterized Trigger | 2024-08-05 | N/A |
Parameterized Trigger Plugin fails to check Item/Build permission: The Parameterized Trigger Plugin did not check the build authentication it was running as and allowed triggering any other project in Jenkins. | ||||
CVE-2017-1000093 | 1 Jenkins | 1 Poll Scm | 2024-08-05 | N/A |
Poll SCM Plugin was not requiring requests to its API be sent via POST, thereby opening itself to Cross-Site Request Forgery attacks. This allowed attackers to initiate polling of projects with a known name. While Jenkins in general does not consider polling to be a protection-worthy action as it's similar to cache invalidation, the plugin specifically adds a permission to be able to use this functionality, and this issue undermines that permission. | ||||
CVE-2017-1000103 | 1 Jenkins | 1 Dry | 2024-08-05 | N/A |
The custom Details view of the Static Analysis Utilities based DRY Plugin, was vulnerable to a persisted cross-site scripting vulnerability: Malicious users able to influence the input to this plugin could insert arbitrary HTML into this view. | ||||
CVE-2017-1000087 | 1 Jenkins | 1 Github Branch Source | 2024-08-05 | N/A |
GitHub Branch Source provides a list of applicable credential IDs to allow users configuring a job to select the one they'd like to use. This functionality did not check permissions, allowing any user with Overall/Read permission to get a list of valid credentials IDs. Those could be used as part of an attack to capture the credentials using another vulnerability. | ||||
CVE-2017-1000089 | 2 Jenkins, Redhat | 2 Pipeline\, Openshift | 2024-08-05 | N/A |
Builds in Jenkins are associated with an authentication that controls the permissions that the build has to interact with other elements in Jenkins. The Pipeline: Build Step Plugin did not check the build authentication it was running as and allowed triggering any other project in Jenkins. | ||||
CVE-2017-17383 | 1 Jenkins | 1 Jenkins | 2024-08-05 | N/A |
Jenkins through 2.93 allows remote authenticated administrators to conduct XSS attacks via a crafted tool name in a job configuration form, as demonstrated by the JDK tool in Jenkins core and the Ant tool in the Ant plugin, aka SECURITY-624. | ||||
CVE-2017-2648 | 1 Jenkins | 1 Ssh Slaves | 2024-08-05 | N/A |
It was found that jenkins-ssh-slaves-plugin before version 1.15 did not perform host key verification, thereby enabling Man-in-the-Middle attacks. | ||||
CVE-2017-2651 | 1 Jenkins | 1 Mailer | 2024-08-05 | N/A |
jenkins-mailer-plugin before version 1.20 is vulnerable to an information disclosure while using the feature to send emails to a dynamically created list of users based on the changelogs. This could in some cases result in emails being sent to people who have no user account in Jenkins, and in rare cases even people who were not involved in whatever project was being built, due to some mapping based on the local-part of email addresses. | ||||
CVE-2017-2613 | 1 Jenkins | 1 Jenkins | 2024-08-05 | N/A |
jenkins before versions 2.44, 2.32.2 is vulnerable to a user creation CSRF using GET by admins. While this user record was only retained until restart in most cases, administrators' web browsers could be manipulated to create a large number of user records (SECURITY-406). | ||||
CVE-2017-2609 | 1 Jenkins | 1 Jenkins | 2024-08-05 | N/A |
jenkins before versions 2.44, 2.32.2 is vulnerable to an information disclosure vulnerability in search suggestions (SECURITY-385). The autocomplete feature on the search box discloses the names of the views in its suggestions, including the ones for which the current user does not have access to. | ||||
CVE-2017-2601 | 1 Jenkins | 1 Jenkins | 2024-08-05 | 5.4 Medium |
Jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cross-site scripting in parameter names and descriptions (SECURITY-353). Users with the permission to configure jobs were able to inject JavaScript into parameter names and descriptions. | ||||
CVE-2017-2599 | 1 Jenkins | 1 Jenkins | 2024-08-05 | 5.4 Medium |
Jenkins before versions 2.44 and 2.32.2 is vulnerable to an insufficient permission check. This allows users with permissions to create new items (e.g. jobs) to overwrite existing items they don't have access to (SECURITY-321). | ||||
CVE-2017-2654 | 1 Jenkins | 1 Email Extension | 2024-08-05 | N/A |
jenkins-email-ext before version 2.57.1 is vulnerable to an Information Exposure. The Email Extension Plugins is able to send emails to a dynamically created list of users based on the changelogs, like authors of SCM changes since the last successful build. This could in some cases result in emails being sent to people who have no user account in Jenkins, and in rare cases even people who were not involved in whatever project was being built, due to some mapping based on the local-part of email addresses. |