トピトピニュース

[org.apache.solr:solr-core] Apache Solr vulnerable to XML Bomb

  • Posted in HIGH
  • Posted by GitHub
  • 05/25/2022 / 11/08/2022

Solr versions prior to 5.0.0 are vulnerable to an XML resource consumption attack (a.k.a. Lol Bomb) via its update handler. By leveraging XML DOCTYPE and ENTITY type elements, the attacker can create a pattern that will expand when the server parses t…

[com.github.kevinsawicki:http-request] Missing certificate validation

  • Posted in MODERATE
  • Posted by GitHub
  • 05/25/2022 / 11/04/2022

OSS Http Request (kevinsawicki/http-request) is missing SSL/TLS certificate validation. The impact is: certificate spoofing. The component is: using this library for HTTPS communication. The attack vector is: certificate spoofing.
References

https://nv…

[org.jenkins-ci.plugins:gitea] Improper handling of untrusted branches in Gitea Jenkins Plugin

  • Posted in HIGH
  • Posted by GitHub
  • 05/25/2022 / 09/15/2022

Jenkins Gitea Plugin prior to 1.1.2 did not implement trusted revisions, allowing attackers without commit access to the Git repo to change Jenkinsfiles even if Jenkins is configured to consider them to be untrusted.
References

https://nvd.nist.gov/vu…

[org.jenkins-ci.plugins:influxdb] Plaintext password storage in Jenkins InfluxDB Plugin

  • Posted in HIGH
  • Posted by GitHub
  • 05/25/2022 / 09/09/2022

Jenkins InfluxDB Plugin prior to 1.22 stored credentials unencrypted in its global configuration file on the Jenkins master, where they can be viewed by users with access to the master file system.
References

https://nvd.nist.gov/vuln/detail/CVE-2019-1…

[org.jenkins-ci.plugins:pipeline-maven] XML External Entity processing vulnerability in Pipeline Maven Integration Jenkins Plugin

  • Posted in HIGH
  • Posted by GitHub
  • 05/25/2022 / 09/09/2022

An XML external entities (XXE) vulnerability in Jenkins Pipeline Maven Integration Plugin 1.7.0 and earlier allowed attackers able to control a temporary directory’s content on the agent running the Maven build to have Jenkins parse a maliciously craft…

[Microsoft.ChakraCore] Chakra Scripting Engine and ChakraCore Vulnerable to Memory Corruption

  • Posted in HIGH
  • Posted by GitHub
  • 05/25/2022 / 08/31/2022

Chakra Scripting Engine and ChakraCore are vulnerable to memory corruption due to an out-of-bounds write. The Microsoft advisory for CVE-2021-42279 was modified in August 2022 to include Microsoft.ChakraCore as an affected product.
References

https://…

[org.jenkins-ci.main:jenkins-core] Improper Authorization in Jenkins

  • Posted in CRITICAL
  • Posted by GitHub
  • 05/25/2022 / 10/26/2022

When creating temporary files, agent-to-controller access to create those files is only checked after they’ve been created in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier.
References

https://nvd.nist.gov/vuln/detail/CVE-2021-21693
https://www.je…

[org.jenkins-ci.main:jenkins-core] Missing Authorization in Jenkins

  • Posted in CRITICAL
  • Posted by GitHub
  • 05/25/2022 / 10/26/2022

FilePath#unzip and FilePath#untar were not subject to any agent-to-controller access control in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier.
References

https://nvd.nist.gov/vuln/detail/CVE-2021-21689
https://www.jenkins.io/security/advisory/202…

[org.jenkins-ci.main:jenkins-core] Missing Authorization in Jenkins

  • Posted in HIGH
  • Posted by GitHub
  • 05/25/2022 / 10/26/2022

FilePath#listFiles lists files outside directories that agents are allowed to access when following symbolic links in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier.
References

https://nvd.nist.gov/vuln/detail/CVE-2021-21695
https://www.jenkins.io…

[apache-airflow] Missing Authentication for Critical Function in Apache Airflow

  • Posted in CRITICAL
  • Posted by GitHub
  • 05/25/2022 / 09/21/2022

The variable import endpoint was not protected by authentication in Airflow >=2.0.0, <2.1.3. This allowed unauthenticated users to hit that endpoint to add/modify Airflow variables used in DAGs, potentially resulting in a denial of service, infor…
