Jenkins dbCharts Plugin 0.5.2 and earlier stores JDBC connection passwords unencrypted in its global configuration file hudson.plugins.dbcharts.DbChartPublisher.xml on the Jenkins controller as part of its configuration.
These passwords can be viewed b…
[io.jenkins.plugins:environment-dashboard] Stored Cross-site Scripting vulnerability in Jenkins Environment Dashboard Plugin
Jenkins Environment Dashboard Plugin 1.1.10 and earlier does not escape the Environment order and the Component order configuration values in its views, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with View/C…
[org.jenkins-ci.plugins:release-helper] Missing permission checks in Jenkins Release Helper Plugin
A missing permission check in Jenkins Release Helper Plugin 1.3.3 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials.
References
https://nvd.nist.gov/vuln/detail/CVE-2…
[com.incapptic.plugins:incapptic-connect-uploader] Personal tokens stored in plain text by Jenkins incapptic connect uploader Plugin
Jenkins incapptic connect uploader Plugin 1.15 and earlier stores tokens unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system.
Ref…
[org.postgresql:postgresql] Path traversal in org.postgresql:postgresql
** DISPUTED ** In pgjdbc before 42.3.3, an attacker (who controls the jdbc URL or properties) can call java.util.logging.FileHandler to write to arbitrary files through the loggerFile and loggerLevel connection properties. An example situation is that …
[net.mingsoft:ms-mcms] SQL injection in net.mingsoft:ms-mcms
MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via search.do in the file /web/MCmsAction.java.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-23899
https://github.com/ming-soft/MCMS/issues/63
https://github.com/advisories/GH…
[net.mingsoft:ms-mcms] SQL injection in net.mingsoft:ms-mcms
MCMS v5.2.5 was discovered to contain a SQL injection vulnerability via the categoryId parameter in the file IContentDao.xml.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-23898
https://github.com/ming-soft/MCMS/issues/62
https://github.com/adv…
[xerces:xercesImpl] Improper Input Validation in Xerces
A flaw was found in Wildfly’s implementation of Xerces, specifically in the way the XMLSchemaValidator class in the JAXP component of Wildfly enforced the “use-grammar-pool-only” feature. This flaw allows a specially-crafted XML file to manipulate the …
[github.com/google/go-tpm/tpm] TPM 1.2 key authorization values vulnerable to TPM transport eavesdropper in go-tpm
Impact
TPM 2.0 users are unaffected by this issue.
An adversary eavesdropping on the TPM 1.2 transport path can calculate usageAuth for a key created with CreateWrapKey, even though this value is encrypted as part of the TPM 1.2 command protocol.
The T…
[parsec-service] Chrono has potential segfault issue in SPIFFE authenticator
Impact
Several vulnerabilities have been reported in the time and chrono crates related to handling of calls to localtime_r. You can follow some of the discussions here and here, and the associated CVE here. In our case, the issue with the dependency w…