When the Struts2 debug mode is turned on, under certain conditions an arbitrary script may be executed in the ‘Problem Report’ screen. Also, if JSP files are exposed so that they can be accessed directly, it is possible to execute an arbitrary script.
It is generally …
[Microsoft.AspNetCore.App.Runtime.linux-x64] Denial of service in ASP.NET Core
A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka ‘ASP.NET Core Denial of Service Vulnerability’.
References
https://nvd.nist.gov/vuln/detail/CVE-2020-0602
https://access.redhat.com/errata/RHSA-2020:0130
h…
[org.keycloak:keycloak-core] keycloak vulnerable to unauthorized login via mail server setup
A flaw was found in keycloak before version 8.0.0. The owner of the ‘placeholder.org’ domain can set up a mail server on this domain and, knowing only the name of a client, can reset the password and then log in. For example, for client name ‘test’ the email address w…
[org.springframework:spring-web] Spring Framework lacks documentation for unsafe deserialization
Pivotal Spring Framework 4.1.4 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. Depending on how the library is implemented within a product, this issue may or may not occur, and authentication …
[com.yahoo.athenz:athenz] Athenz vulnerable to Open Redirect
Open redirect vulnerability in Athenz v1.8.24 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted page.
References
https://nvd.nist.gov/vuln/detail/CVE-2019-6035
https://git…
[io.alauda.jenkins.plugins:alauda-kubernetes-support] Improper Authorization in Jenkins Alauda Kubernetes Support Plugin
A missing permission check in Jenkins Alauda Kubernetes Support Plugin 2.3.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capt…
[tech.andrey.jenkins:mission-control-view] Cross site scripting in Jenkins Mission Control Plugin
Jenkins Mission Control Plugin 0.9.16 and earlier does not escape job display names and build names shown on its view, resulting in a stored XSS vulnerability exploitable by attackers able to change these properties.
References
https://nvd.nist.gov/vu…
[com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer] Missing permission check in Jenkins Build Failure Analyzer Plugin
A missing permission check in Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier allows attackers with Overall/Read permission to have Jenkins evaluate a computationally expensive regular expression.
References
https://nvd.nist.gov/vuln/detail/C…
[com.redgate.plugins.redgatesqlci:redgate-sql-ci] Jenkins Redgate SQL Change Automation Plugin has Insufficiently Protected Credentials
Jenkins Redgate SQL Change Automation Plugin 2.0.3 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.
References…
[ansible] Ansible password prompts could expose passwords
ansible-playbook -k and the ansible CLI tools, all versions 2.8.x before 2.8.4, all 2.7.x before 2.7.13 and all 2.6.x before 2.6.19, prompt for passwords by expanding them from templates, as they could contain special characters. Passwords should be wrapped to …