The Java WebSocket client nv-websocket-client does not verify that the server hostname matches a domain name in the subject’s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL/TLS s…
[io.undertow:undertow-core] Undertow Uncaught Exception vulnerability
A long URL proxy request leads to a java.nio.BufferOverflowException in Undertow.
References
https://nvd.nist.gov/vuln/detail/CVE-2016-7046
https://bugzilla.redhat.com/show_bug.cgi?id=1376646
https://github.com/undertow-io/undertow/commit/c518b5a1784061d…
[org.jenkins-ci.main:jenkins-core] Cross-site Scripting in Jenkins Core
Jenkins through 2.93 allows remote authenticated administrators to conduct XSS attacks via a crafted tool name in a job configuration form, as demonstrated by the JDK tool in Jenkins core and the Ant tool in the Ant plugin, aka SECURITY-624.
References…
[org.jenkins-ci.main:jenkins-core] Exposure of Sensitive Information in Jenkins Core
Jenkins before 1.650 and LTS before 1.642.2 do not use a constant-time algorithm to verify API tokens, which makes it easier for remote attackers to determine API tokens via a brute-force approach.
References
https://nvd.nist.gov/vuln/detail/CVE-2016-…
[org.jenkins-ci.main:jenkins-core] Exposure of Sensitive Information in Jenkins Core
Jenkins before 1.650 and LTS before 1.642.2 do not use a constant-time algorithm to verify CSRF tokens, which makes it easier for remote attackers to bypass a CSRF protection mechanism via a brute-force approach.
References
https://nvd.nist.gov/vuln/d…
[org.jenkins-ci.main:jenkins-core] Exposure of Sensitive Information in Jenkins Core
Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with read access to obtain sensitive plugin installation information by leveraging missing permissions checks in unspecified XML/JSON API endpoints.
References
https://nvd.nist…
[org.jenkins-ci.main:jenkins-core] Incorrect Authorization in Jenkins Core
Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with multiple accounts to cause a denial of service (unable to log in) by editing the “full name.”
References
https://nvd.nist.gov/vuln/detail/CVE-2016-3722
https://access.redha…
[org.jenkins-ci.main:jenkins-core] Missing permissions check in Jenkins Core
Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users to trigger updating of update site metadata by leveraging a missing permissions check. NOTE: this issue can be combined with DNS cache poisoning to cause a denial of service (s…
[org.apache.drill:drill-common] Apache Drill vulnerable to Cross-site Scripting
In Apache Drill 1.11.0 and earlier, when submitting form from Query page, users are able to pass arbitrary script or HTML which will take effect on Profile page afterwards. Example: after submitting special script that returns cookie information from Q…
[commons-fileupload:commons-fileupload] Arbitrary file write in Apache Commons Fileupload
The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in …