Category

MODERATE

505 Posts

Featured

[org.keycloak:keycloak-core] Stored Cross-Site Scripting (XSS) in Keycloak via groups dropdown

[baserproject/basercms] baserproject/basercms vulnerable to cross-site scripting (XSS) vulnerability

[org.postgresql:postgresql] TemporaryFolder on unix-like systems does not limit access to created files

[com.h2database:h2] Password exposure in H2 Database

[io.jenkins:configuration-as-code] Observable Discrepancy and Observable Timing Discrepancy in Jenkins Configuration as Code Plugin

Jenkins Configuration as Code Plugin 1.55 and earlier used a non-constant time comparison function when validating an authentication token allowing attackers to use statistical methods to obtain a valid authentication token.
References

https://nvd.nis…

[onionshare-cli] Improper Access Control in Onionshare

Between September 26, 2021 and October 8, 2021, Radically Open Security conducted a penetration test of OnionShare 2.4, funded by the Open Technology Fund’s Red Team lab. This is an issue from that penetration test.

Vulnerability ID: OTF-004
Vulnerabi…

[onionshare-cli] Improper Access Control in Onionshare

Between September 26, 2021 and October 8, 2021, Radically Open Security conducted a penetration test of OnionShare 2.4, funded by the Open Technology Fund’s Red Team lab. This is an issue from that penetration test.

Vulnerability ID: OTF-003
Vulnerabi…

[onionshare-cli] Path traversal in Onionshare

Between September 26, 2021 and October 8, 2021, Radically Open Security conducted a penetration test of OnionShare 2.4, funded by the Open Technology Fund’s Red Team lab. This is an issue from that penetration test.

Vulnerability ID: OTF-013
Vulnerabi…

[onionshare-cli] Improper Access Control in Onionshare

Between September 26, 2021 and October 8, 2021, Radically Open Security conducted a penetration test of OnionShare 2.4, funded by the Open Technology Fund’s Red Team lab. This is an issue from that penetration test.

Vulnerability ID: OTF-009
Vulnerabi…

[onionshare-cli] Username spoofing in OnionShare

Between September 26, 2021 and October 8, 2021, Radically Open Security conducted a penetration test of OnionShare 2.4, funded by the Open Technology Fund’s Red Team lab. This is an issue from that penetration test.

Vulnerability ID: OTF-005
Vulnerabi…

[org.jenkins-ci.plugins:credentials] Incorrect Permission Assignment for Critical Resource in Jenkins Credentials Binding Plugin

Jenkins Credentials Binding Plugin 1.27 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read access to validate if a credential ID refers to a secret file credential and whether …

[org.jenkins-ci.plugins:active-directory] User passwords transmitted in plain text by Jenkins Active Directory Plugin

Jenkins Active Directory Plugin 2.25 and earlier does not encrypt the transmission of data between the Jenkins controller and Active Directory servers in most configurations.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-23105
https://www.jenki…

[com.datapipe.jenkins.plugins:hashicorp-vault-plugin] Improper credentials masking in Jenkins HashiCorp Vault Plugin

Jenkins HashiCorp Vault Plugin 3.7.0 and earlier does not mask Vault credentials in Pipeline build logs or in Pipeline step descriptions when Pipeline: Groovy Plugin 2.85 or later is installed.
References

https://nvd.nist.gov/vuln/detail/CVE-2022-2310…

[org.jenkins-ci.plugins:publish-over-ssh] Stored XSS vulnerability in Jenkins Publish Over SSH Plugin

Jenkins Publish Over SSH Plugin 1.22 and earlier does not escape the SSH server name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Overall/Administer permission.
References

https://nvd.nist.gov/vuln/deta…