Jenkins GitLab Plugin 1.5.35 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token. Gi…
[org.jenkins-ci.plugins:job-import-plugin] Jenkins Job Import Plugin allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins
Jenkins Job Import Plugin 3.5 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. An enumeration of credentials IDs in Job I…
[com.compuware.jenkins:compuware-topaz-for-total-test] Jenkins Compuware Topaz for Total Test Plugin vulnerable to Protection Mechanism Failure
Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier implements an agent/controller message that does not limit where it can be executed, allowing attackers able to control agent processes to obtain the values of Java system properties from …
[io.jenkins.plugins:screenrecorder] Jenkins ScreenRecorder Plugin disables Content-Security-Policy protection for user-generated content
Jenkins ScreenRecorder Plugin 0.7 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download.
References
https://nvd.nist.gov/vuln/detail…
[io.jenkins.plugins:custom-checkbox-parameter] Jenkins Custom Checkbox Parameter Plugin vulnerable to stored Cross-site Scripting
Jenkins Custom Checkbox Parameter Plugin 1.4 and earlier does not escape the name and description of Custom Checkbox Parameter parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by atta…
[org.jenkins-ci.plugins:nunit] Jenkins NUnit Plugin vulnerable to Protection Mechanism Failure
Jenkins NUnit Plugin 0.27 and earlier implements an agent-to-controller message that parses files inside a user-specified directory as test results, allowing attackers able to control agent processes to obtain test results from files in an attacker-spe…
[com.compuware.jenkins:compuware-strobe-measurement] Jenkins Compuware Strobe Measurement Plugin Missing Authorization vulnerability
Jenkins Compuware Strobe Measurement Plugin 1.0.1 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
References
https://nv…
[com.compuware.jenkins:compuware-xpediter-code-coverage] Jenkins Compuware Xpediter Code Coverage Plugin vulnerable to Protection Mechanism Failure
Jenkins Compuware Xpediter Code Coverage Plugin 1.0.7 and earlier implements an agent/controller message that does not limit where it can be executed, allowing attackers able to control agent processes to obtain the values of Java system properties fro…
[org.jenkins-ci.plugins:pipeline-input-step] Jenkins Pipeline: Input Step Plugin vulnerable to Inappropriate Encoding for Output Context
Jenkins Pipeline: Input Step Plugin 451.vf1a_a_4f405289 and earlier does not restrict or sanitize the optionally specified ID of the input step, which is used for the URLs that process user interactions for the given input step (proceed or abort) and i…
[org.jenkins-ci.plugins.workflow:workflow-support] Jenkins Pipeline: Supporting APIs Plugin vulnerable to stored Cross-site Scripting
Jenkins Pipeline: Supporting APIs Plugin 838.va_3a_087b_4055b and earlier does not sanitize or properly encode URLs of hyperlinks sending POST requests in build logs, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attacke…