Jenkins Jenkins CI / CD Server
Products by Jenkins Sorted by Most Security Vulnerabilities since 2018
@jenkinsci Tweets
Sun May 16 15:08:54 +0000 2021
Sun May 16 13:16:52 +0000 2021
Sat May 15 20:28:37 +0000 2021
Sat May 15 20:18:55 +0000 2021
Sat May 15 14:33:39 +0000 2021
By the Year
In 2021 there have been 48 vulnerabilities in Jenkins with an average score of 5.9 out of ten. Last year Jenkins had 171 security vulnerabilities published. Right now, Jenkins is on track to have less security vulnerabilities in 2021 than it did last year. Last year, the average CVE base score was greater by 0.16
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2021 | 48 | 5.90 |
| 2020 | 171 | 6.06 |
| 2019 | 340 | 6.91 |
| 2018 | 119 | 6.46 |
It may take a day or so for new Jenkins vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jenkins Security Vulnerabilities
Jenkins Dashboard View Plugin 2.15 and earlier does not escape URLs referenced in Image Dashboard Portlets
CVE-2021-21649
5.4 - Medium
- May 11, 2021
Jenkins Dashboard View Plugin 2.15 and earlier does not escape URLs referenced in Image Dashboard Portlets, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with View/Configure permission.
XSS
Jenkins Credentials Plugin 2.3.18 and earlier does not escape user-controlled information on a view it provides
CVE-2021-21648
6.1 - Medium
- May 11, 2021
Jenkins Credentials Plugin 2.3.18 and earlier does not escape user-controlled information on a view it provides, resulting in a reflected cross-site scripting (XSS) vulnerability.
XSS
Jenkins Config File Provider Plugin 3.7.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
CVE-2021-21642
8.1 - High
- April 21, 2021
Jenkins Config File Provider Plugin 3.7.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
XXE
Jenkins Config File Provider Plugin 3.7.0 and earlier does not correctly perform permission checks in several HTTP endpoints
CVE-2021-21643
6.5 - Medium
- April 21, 2021
Jenkins Config File Provider Plugin 3.7.0 and earlier does not correctly perform permission checks in several HTTP endpoints, allowing attackers with global Job/Configure permission to enumerate system-scoped credentials IDs of credentials stored in Jenkins.
AuthZ
Jenkins CloudBees CD Plugin 1.1.21 and earlier does not perform a permission check in an HTTP endpoint
CVE-2021-21647
4.3 - Medium
- April 21, 2021
Jenkins CloudBees CD Plugin 1.1.21 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Item/Read permission to schedule builds of projects without having Item/Build permission.
AuthZ
A cross-site request forgery (CSRF) vulnerability in Jenkins Config File Provider Plugin 3.7.0 and earlier
CVE-2021-21644
5.4 - Medium
- April 21, 2021
A cross-site request forgery (CSRF) vulnerability in Jenkins Config File Provider Plugin 3.7.0 and earlier allows attackers to delete configuration files corresponding to an attacker-specified ID.
Session Riding
Jenkins Templating Engine Plugin 2.1 and earlier does not protect its pipeline configurations using Script Security Plugin
CVE-2021-21646
8.8 - High
- April 21, 2021
Jenkins Templating Engine Plugin 2.1 and earlier does not protect its pipeline configurations using Script Security Plugin, allowing attackers with Job/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM.
Protection Mechanism Failure
Jenkins Config File Provider Plugin 3.7.0 and earlier does not perform permission checks in several HTTP endpoints
CVE-2021-21645
4.3 - Medium
- April 21, 2021
Jenkins Config File Provider Plugin 3.7.0 and earlier does not perform permission checks in several HTTP endpoints, attackers with Overall/Read permission to enumerate configuration file IDs.
AuthZ
A cross-site request forgery (CSRF) vulnerability in Jenkins promoted builds Plugin 3.9 and earlier
CVE-2021-21641
4.3 - Medium
- April 07, 2021
A cross-site request forgery (CSRF) vulnerability in Jenkins promoted builds Plugin 3.9 and earlier allows attackers to to promote builds.
Session Riding
Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not validate the type of object created after loading the data submitted to the `config.xml` REST API endpoint of a node
CVE-2021-21639
4.3 - Medium
- April 07, 2021
Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not validate the type of object created after loading the data submitted to the `config.xml` REST API endpoint of a node, allowing attackers with Computer/Configure permission to replace a node with one of a different type.
Improper Input Validation
Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not properly check
CVE-2021-21640
4.3 - Medium
- April 07, 2021
Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not properly check that a newly created view has an allowed name, allowing attackers with View/Create permission to create views with invalid or already-used names.
Improper Handling of Inconsistent Structural Elements
Jenkins Build With Parameters Plugin 1.5 and earlier does not escape parameter names and descriptions
CVE-2021-21628
5.4 - Medium
- March 30, 2021
Jenkins Build With Parameters Plugin 1.5 and earlier does not escape parameter names and descriptions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.
XSS
A cross-site request forgery (CSRF) vulnerability in Jenkins Build With Parameters Plugin 1.5 and earlier
CVE-2021-21629
8.8 - High
- March 30, 2021
A cross-site request forgery (CSRF) vulnerability in Jenkins Build With Parameters Plugin 1.5 and earlier allows attackers to build a project with attacker-specified parameters.
Session Riding
Jenkins Extra Columns Plugin 1.22 and earlier does not escape parameter values in the build parameters column
CVE-2021-21630
5.4 - Medium
- March 30, 2021
Jenkins Extra Columns Plugin 1.22 and earlier does not escape parameter values in the build parameters column, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.
XSS
Jenkins Cloud Statistics Plugin 0.26 and earlier does not perform a permission check in an HTTP endpoint
CVE-2021-21631
4.3 - Medium
- March 30, 2021
Jenkins Cloud Statistics Plugin 0.26 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission and knowledge of random activity IDs to view related provisioning exception error messages.
AuthZ
A missing permission check in Jenkins OWASP Dependency-Track Plugin 3.1.0 and earlier
CVE-2021-21632
6.5 - Medium
- March 30, 2021
A missing permission check in Jenkins OWASP Dependency-Track Plugin 3.1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL, capturing credentials stored in Jenkins.
AuthZ
A cross-site request forgery (CSRF) vulnerability in Jenkins OWASP Dependency-Track Plugin 3.1.0 and earlier
CVE-2021-21633
8.8 - High
- March 30, 2021
A cross-site request forgery (CSRF) vulnerability in Jenkins OWASP Dependency-Track Plugin 3.1.0 and earlier allows attackers to connect to an attacker-specified URL, capturing credentials stored in Jenkins.
Session Riding
Jenkins Jabber (XMPP) notifier and control Plugin 1.41 and earlier stores passwords unencrypted in its global configuration file on the Jenkins controller where they
CVE-2021-21634
6.5 - Medium
- March 30, 2021
Jenkins Jabber (XMPP) notifier and control Plugin 1.41 and earlier stores passwords unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.
Insufficiently Protected Credentials
Jenkins REST List Parameter Plugin 1.3.0 and earlier does not escape a parameter name reference in embedded JavaScript
CVE-2021-21635
5.4 - Medium
- March 30, 2021
Jenkins REST List Parameter Plugin 1.3.0 and earlier does not escape a parameter name reference in embedded JavaScript, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.
XSS
A missing permission check in Jenkins Team Foundation Server Plugin 5.157.1 and earlier
CVE-2021-21636
4.3 - Medium
- March 30, 2021
A missing permission check in Jenkins Team Foundation Server Plugin 5.157.1 and earlier allows attackers with Overall/Read permission to enumerate credentials ID of credentials stored in Jenkins.
AuthZ
A missing permission check in Jenkins Team Foundation Server Plugin 5.157.1 and earlier
CVE-2021-21637
6.5 - Medium
- March 30, 2021
A missing permission check in Jenkins Team Foundation Server Plugin 5.157.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
AuthZ
A cross-site request forgery (CSRF) vulnerability in Jenkins Team Foundation Server Plugin 5.157.1 and earlier
CVE-2021-21638
8.8 - High
- March 30, 2021
A cross-site request forgery (CSRF) vulnerability in Jenkins Team Foundation Server Plugin 5.157.1 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
Session Riding
An incorrect permission check in Jenkins Matrix Authorization Strategy Plugin 2.6.5 and earlier
CVE-2021-21623
6.5 - Medium
- March 18, 2021
An incorrect permission check in Jenkins Matrix Authorization Strategy Plugin 2.6.5 and earlier allows attackers with Item/Read permission on nested items to access them, even if they lack Item/Read permission for parent folders.
AuthZ
An incorrect permission check in Jenkins Role-based Authorization Strategy Plugin 3.1 and earlier
CVE-2021-21624
4.3 - Medium
- March 18, 2021
An incorrect permission check in Jenkins Role-based Authorization Strategy Plugin 3.1 and earlier allows attackers with Item/Read permission on nested items to access them, even if they lack Item/Read permission for parent folders.
AuthZ
Jenkins CloudBees AWS Credentials Plugin 1.28 and earlier does not perform a permission check in a helper method for HTTP endpoints
CVE-2021-21625
4.3 - Medium
- March 18, 2021
Jenkins CloudBees AWS Credentials Plugin 1.28 and earlier does not perform a permission check in a helper method for HTTP endpoints, allowing attackers with Overall/Read permission to enumerate credentials IDs of AWS credentials stored in Jenkins in some circumstances.
AuthZ
Jenkins Warnings Next Generation Plugin 8.4.4 and earlier does not perform a permission check in methods implementing form validation
CVE-2021-21626
4.3 - Medium
- March 18, 2021
Jenkins Warnings Next Generation Plugin 8.4.4 and earlier does not perform a permission check in methods implementing form validation, allowing attackers with Item/Read permission but without Item/Workspace or Item/Configure permission to check whether attacker-specified file patterns match workspace contents.
AuthZ
A cross-site request forgery (CSRF) vulnerability in Jenkins Libvirt Agents Plugin 1.9.0 and earlier
CVE-2021-21627
8.8 - High
- March 18, 2021
A cross-site request forgery (CSRF) vulnerability in Jenkins Libvirt Agents Plugin 1.9.0 and earlier allows attackers to stop hypervisor domains.
Session Riding
Jenkins Active Choices Plugin 2.5.2 and earlier does not escape reference parameter values
CVE-2021-21616
4.6 - Medium
- February 24, 2021
Jenkins Active Choices Plugin 2.5.2 and earlier does not escape reference parameter values, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.
XSS
Jenkins Repository Connector Plugin 2.0.2 and earlier does not escape parameter names and descriptions for past builds
CVE-2021-21618
5.4 - Medium
- February 24, 2021
Jenkins Repository Connector Plugin 2.0.2 and earlier does not escape parameter names and descriptions for past builds, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
XSS
Jenkins Support Core Plugin 2.72 and earlier provides the serialized user authentication as part of the "About user (basic authentication details only)" information
CVE-2021-21621
5.3 - Medium
- February 24, 2021
Jenkins Support Core Plugin 2.72 and earlier provides the serialized user authentication as part of the "About user (basic authentication details only)" information, which can include the session ID of the user creating the support bundle in some configurations.
Information Disclosure
A cross-site request forgery (CSRF) vulnerability in Jenkins Configuration Slicing Plugin 1.51 and earlier
CVE-2021-21617
8.8 - High
- February 24, 2021
A cross-site request forgery (CSRF) vulnerability in Jenkins Configuration Slicing Plugin 1.51 and earlier allows attackers to apply different slice configurations.
Session Riding
Jenkins Claim Plugin 2.18.1 and earlier does not escape the user display name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers who are able to control the display names of Jenkins users, either
CVE-2021-21619
5.4 - Medium
- February 24, 2021
Jenkins Claim Plugin 2.18.1 and earlier does not escape the user display name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers who are able to control the display names of Jenkins users, either via the security realm, or directly inside Jenkins.
XSS
A cross-site request forgery (CSRF) vulnerability in Jenkins Claim Plugin 2.18.1 and earlier
CVE-2021-21620
4.3 - Medium
- February 24, 2021
A cross-site request forgery (CSRF) vulnerability in Jenkins Claim Plugin 2.18.1 and earlier allows attackers to change claims.
Session Riding
Jenkins Artifact Repository Parameter Plugin 1.0.0 and earlier does not escape parameter names and descriptions
CVE-2021-21622
5.4 - Medium
- February 24, 2021
Jenkins Artifact Repository Parameter Plugin 1.0.0 and earlier does not escape parameter names and descriptions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.
XSS
Jenkins 2.275 and LTS 2.263.2
CVE-2021-21615
5.3 - Medium
- January 26, 2021
Jenkins 2.275 and LTS 2.263.2 allows reading arbitrary files using the file browser for workspaces and archived artifacts due to a time-of-check to time-of-use (TOCTOU) race condition.
TOCTTOU
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier
CVE-2021-21602
6.5 - Medium
- January 13, 2021
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows reading arbitrary files using the file browser for workspaces and archived artifacts by following symlinks.
insecure temporary file
Jenkins 2.274 and earlier
CVE-2021-21603
5.4 - Medium
- January 13, 2021
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not escape notification bar response contents, resulting in a cross-site scripting (XSS) vulnerability.
XSS
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows attackers with permission to create or configure various objects to inject crafted content into Old Data Monitor
CVE-2021-21604
8 - High
- January 13, 2021
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows attackers with permission to create or configure various objects to inject crafted content into Old Data Monitor that results in the instantiation of potentially unsafe objects once discarded by an administrator.
Marshaling, Unmarshaling
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows users with Agent/Configure permission to choose agent names
CVE-2021-21605
8 - High
- January 13, 2021
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows users with Agent/Configure permission to choose agent names that cause Jenkins to override the global `config.xml` file.
Improper Input Validation
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier improperly validates the format of a provided fingerprint ID when checking for its existence
CVE-2021-21606
4.3 - Medium
- January 13, 2021
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier improperly validates the format of a provided fingerprint ID when checking for its existence allowing an attacker to check for the existence of XML files with a short path.
Improper Input Validation
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not limit sizes provided as query parameters to graph-rendering URLs, allowing attackers to request crafted URLs
CVE-2021-21607
6.5 - Medium
- January 13, 2021
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not limit sizes provided as query parameters to graph-rendering URLs, allowing attackers to request crafted URLs that use all available memory in Jenkins, potentially leading to out of memory errors.
Allocation of Resources Without Limits or Throttling
Jenkins 2.274 and earlier
CVE-2021-21608
5.4 - Medium
- January 13, 2021
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not escape button labels in the Jenkins UI, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers with the ability to control button labels.
XSS
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not correctly match requested URLs to the list of always accessible paths
CVE-2021-21609
5.3 - Medium
- January 13, 2021
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not correctly match requested URLs to the list of always accessible paths, allowing attackers without Overall/Read permission to access some URLs as if they did have Overall/Read permission.
AuthZ
Jenkins 2.274 and earlier
CVE-2021-21610
6.1 - Medium
- January 13, 2021
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not implement any restrictions for the URL rendering a formatted preview of markup passed as a query parameter, resulting in a reflected cross-site scripting (XSS) vulnerability if the configured markup formatter does not prohibit unsafe elements (JavaScript) in markup.
XSS
Jenkins 2.274 and earlier
CVE-2021-21611
5.4 - Medium
- January 13, 2021
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not escape display names and IDs of item types shown on the New Item page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to specify display names or IDs of item types.
XSS
Jenkins TraceTronic ECU-TEST Plugin 2.23.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they
CVE-2021-21612
5.5 - Medium
- January 13, 2021
Jenkins TraceTronic ECU-TEST Plugin 2.23.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.
Insufficiently Protected Credentials
Jenkins Bumblebee HP ALM Plugin 4.1.5 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they
CVE-2021-21614
5.5 - Medium
- January 13, 2021
Jenkins Bumblebee HP ALM Plugin 4.1.5 and earlier stores credentials unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.
Insufficiently Protected Credentials
Jenkins TICS Plugin 2020.3.0.6 and earlier does not escape TICS service responses
CVE-2021-21613
6.1 - Medium
- January 13, 2021
Jenkins TICS Plugin 2020.3.0.6 and earlier does not escape TICS service responses, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers able to control TICS service response content.
XSS
Jenkins Plugin Installation Manager Tool 2.1.3 and earlier does not verify plugin downloads.
CVE-2020-2320
9.8 - Critical
- December 03, 2020
Jenkins Plugin Installation Manager Tool 2.1.3 and earlier does not verify plugin downloads.
Download of Code Without Integrity Check
A cross-site request forgery (CSRF) vulnerability in Jenkins Shelve Project Plugin 3.0 and earlier
CVE-2020-2321
8.1 - High
- December 03, 2020
A cross-site request forgery (CSRF) vulnerability in Jenkins Shelve Project Plugin 3.0 and earlier allows attackers to shelve, unshelve, or delete a project.
Session Riding
Jenkins CVS Plugin 2.16 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
CVE-2020-2324
7.5 - High
- December 03, 2020
Jenkins CVS Plugin 2.16 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
XXE
Jenkins Active Directory Plugin 2.19 and earlier
CVE-2020-2299
9.8 - Critical
- November 04, 2020
Jenkins Active Directory Plugin 2.19 and earlier allows attackers to log in as any user if a magic constant is used as the password.
authentification
Jenkins Active Directory Plugin 2.19 and earlier does not prohibit the use of an empty password in Windows/ADSI mode, which
CVE-2020-2300
9.8 - Critical
- November 04, 2020
Jenkins Active Directory Plugin 2.19 and earlier does not prohibit the use of an empty password in Windows/ADSI mode, which allows attackers to log in to Jenkins as any user depending on the configuration of the Active Directory server.
authentification
Jenkins Active Directory Plugin 2.19 and earlier allows attackers to log in as any user with any password while a successful authentication of
CVE-2020-2301
9.8 - Critical
- November 04, 2020
Jenkins Active Directory Plugin 2.19 and earlier allows attackers to log in as any user with any password while a successful authentication of that user is still in the optional cache when using Windows/ADSI mode.
authentification
A missing permission check in Jenkins Active Directory Plugin 2.19 and earlier
CVE-2020-2302
4.3 - Medium
- November 04, 2020
A missing permission check in Jenkins Active Directory Plugin 2.19 and earlier allows attackers with Overall/Read permission to access the domain health check diagnostic page.
AuthZ
A cross-site request forgery (CSRF) vulnerability in Jenkins Active Directory Plugin 2.19 and earlier
CVE-2020-2303
4.3 - Medium
- November 04, 2020
A cross-site request forgery (CSRF) vulnerability in Jenkins Active Directory Plugin 2.19 and earlier allows attackers to perform connection tests, connecting to attacker-specified or previously configured Active Directory servers using attacker-specified credentials.
Session Riding
Jenkins Subversion Plugin 2.13.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
CVE-2020-2304
6.5 - Medium
- November 04, 2020
Jenkins Subversion Plugin 2.13.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
XXE
Jenkins Mercurial Plugin 2.11 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
CVE-2020-2305
6.5 - Medium
- November 04, 2020
Jenkins Mercurial Plugin 2.11 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
XXE
A missing permission check in Jenkins Mercurial Plugin 2.11 and earlier
CVE-2020-2306
4.3 - Medium
- November 04, 2020
A missing permission check in Jenkins Mercurial Plugin 2.11 and earlier allows attackers with Overall/Read permission to obtain a list of names of configured Mercurial installations.
AuthZ
Jenkins Kubernetes Plugin 1.27.3 and earlier
CVE-2020-2307
4.3 - Medium
- November 04, 2020
Jenkins Kubernetes Plugin 1.27.3 and earlier allows low-privilege users to access possibly sensitive Jenkins controller environment variables.
Information Disclosure
A missing permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier
CVE-2020-2308
4.3 - Medium
- November 04, 2020
A missing permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to list global pod template names.
AuthZ
A missing/An incorrect permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier
CVE-2020-2309
4.3 - Medium
- November 04, 2020
A missing/An incorrect permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
AuthZ
Missing permission checks in Jenkins Ansible Plugin 1.0 and earlier
CVE-2020-2310
4.3 - Medium
- November 04, 2020
Missing permission checks in Jenkins Ansible Plugin 1.0 and earlier allow attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
AuthZ
A missing permission check in Jenkins AWS Global Configuration Plugin 1.5 and earlier
CVE-2020-2311
4.3 - Medium
- November 04, 2020
A missing permission check in Jenkins AWS Global Configuration Plugin 1.5 and earlier allows attackers with Overall/Read permission to replace the global AWS configuration.
AuthZ
Jenkins SQLPlus Script Runner Plugin 2.0.12 and earlier does not mask a password provided as command line argument in build logs.
CVE-2020-2312
6.5 - Medium
- November 04, 2020
Jenkins SQLPlus Script Runner Plugin 2.0.12 and earlier does not mask a password provided as command line argument in build logs.
Insufficiently Protected Credentials
A missing permission check in Jenkins Azure Key Vault Plugin 2.0 and earlier
CVE-2020-2313
4.3 - Medium
- November 04, 2020
A missing permission check in Jenkins Azure Key Vault Plugin 2.0 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
AuthZ
Jenkins AppSpider Plugin 1.0.12 and earlier stores a password unencrypted in its global configuration file on the Jenkins controller where it
CVE-2020-2314
5.5 - Medium
- November 04, 2020
Jenkins AppSpider Plugin 1.0.12 and earlier stores a password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.
Unprotected Storage of Credentials
Jenkins Visualworks Store Plugin 1.1.3 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
CVE-2020-2315
6.5 - Medium
- November 04, 2020
Jenkins Visualworks Store Plugin 1.1.3 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
XXE
Jenkins Static Analysis Utilities Plugin 1.96 and earlier does not escape the annotation message in tooltips
CVE-2020-2316
5.4 - Medium
- November 04, 2020
Jenkins Static Analysis Utilities Plugin 1.96 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.
XSS
Jenkins FindBugs Plugin 5.0.0 and earlier does not escape the annotation message in tooltips
CVE-2020-2317
5.4 - Medium
- November 04, 2020
Jenkins FindBugs Plugin 5.0.0 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide report files to Jenkins FindBugs Plugin's post build step.
XSS
Jenkins Mail Commander Plugin for Jenkins-ci Plugin 1.0.0 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they
CVE-2020-2318
6.5 - Medium
- November 04, 2020
Jenkins Mail Commander Plugin for Jenkins-ci Plugin 1.0.0 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system.
Unprotected Storage of Credentials
Jenkins VMware Lab Manager Slaves Plugin 0.2.8 and earlier stores a password unencrypted in the global config.xml file on the Jenkins controller where it
CVE-2020-2319
6.5 - Medium
- November 04, 2020
Jenkins VMware Lab Manager Slaves Plugin 0.2.8 and earlier stores a password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.
Unprotected Storage of Credentials
Jenkins Role-based Authorization Strategy Plugin 3.0 and earlier does not properly invalidate a permission cache when the configuration is changed
CVE-2020-2286
8.8 - High
- October 08, 2020
Jenkins Role-based Authorization Strategy Plugin 3.0 and earlier does not properly invalidate a permission cache when the configuration is changed, resulting in permissions being granted based on an outdated configuration.
AuthZ
Jenkins Audit Trail Plugin 3.6 and earlier applies pattern matching to a different representation of request URL paths than the Stapler web framework uses for dispatching requests, which allows attackers to craft URLs
CVE-2020-2287
5.3 - Medium
- October 08, 2020
Jenkins Audit Trail Plugin 3.6 and earlier applies pattern matching to a different representation of request URL paths than the Stapler web framework uses for dispatching requests, which allows attackers to craft URLs that bypass request logging of any target URL.
Interaction Error
In Jenkins Audit Trail Plugin 3.6 and earlier, the default regular expression pattern could be bypassed in many cases by adding a suffix to the URL
CVE-2020-2288
5.3 - Medium
- October 08, 2020
In Jenkins Audit Trail Plugin 3.6 and earlier, the default regular expression pattern could be bypassed in many cases by adding a suffix to the URL that would be ignored during request handling.
Incorrect Regular Expression
Jenkins Active Choices Plugin 2.4 and earlier does not escape the name and description of build parameters
CVE-2020-2289
5.4 - Medium
- October 08, 2020
Jenkins Active Choices Plugin 2.4 and earlier does not escape the name and description of build parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.
XSS
Jenkins Active Choices Plugin 2.4 and earlier does not escape some return values of sandboxed scripts for Reactive Reference Parameters
CVE-2020-2290
5.4 - Medium
- October 08, 2020
Jenkins Active Choices Plugin 2.4 and earlier does not escape some return values of sandboxed scripts for Reactive Reference Parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.
XSS
Jenkins couchdb-statistics Plugin 0.3 and earlier stores its server password unencrypted in its global configuration file on the Jenkins controller where it
CVE-2020-2291
3.3 - Low
- October 08, 2020
Jenkins couchdb-statistics Plugin 0.3 and earlier stores its server password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.
Unprotected Storage of Credentials
Jenkins Release Plugin 2.10.2 and earlier does not escape the release version in badge tooltip
CVE-2020-2292
5.4 - Medium
- October 08, 2020
Jenkins Release Plugin 2.10.2 and earlier does not escape the release version in badge tooltip, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Release/Release permission.
XSS
Jenkins Persona Plugin 2.4 and earlier
CVE-2020-2293
6.5 - Medium
- October 08, 2020
Jenkins Persona Plugin 2.4 and earlier allows users with Overall/Read permission to read arbitrary files on the Jenkins controller.
Directory traversal
A cross-site request forgery (CSRF) vulnerability in Jenkins Shared Objects Plugin 0.44 and earlier
CVE-2020-2296
4.3 - Medium
- October 08, 2020
A cross-site request forgery (CSRF) vulnerability in Jenkins Shared Objects Plugin 0.44 and earlier allows attackers to configure shared objects.
Session Riding
Jenkins SMS Notification Plugin 1.2 and earlier stores an access token unencrypted in its global configuration file on the Jenkins controller where it
CVE-2020-2297
3.3 - Low
- October 08, 2020
Jenkins SMS Notification Plugin 1.2 and earlier stores an access token unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.
Unprotected Storage of Credentials
Jenkins Nerrvana Plugin 1.02.06 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
CVE-2020-2298
6.5 - Medium
- October 08, 2020
Jenkins Nerrvana Plugin 1.02.06 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
XXE
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.74 and earlier allows attackers with permission to define sandboxed scripts to provide crafted return values or script binding content
CVE-2020-2279
9.9 - Critical
- September 23, 2020
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.74 and earlier allows attackers with permission to define sandboxed scripts to provide crafted return values or script binding content that can result in arbitrary code execution on the Jenkins controller JVM.
A cross-site request forgery (CSRF) vulnerability in Jenkins Warnings Plugin 5.0.1 and earlier
CVE-2020-2280
8.8 - High
- September 23, 2020
A cross-site request forgery (CSRF) vulnerability in Jenkins Warnings Plugin 5.0.1 and earlier allows attackers to execute arbitrary code.
Session Riding
A cross-site request forgery (CSRF) vulnerability in Jenkins Lockable Resources Plugin 2.8 and earlier
CVE-2020-2281
5.4 - Medium
- September 23, 2020
A cross-site request forgery (CSRF) vulnerability in Jenkins Lockable Resources Plugin 2.8 and earlier allows attackers to reserve, unreserve, unlock, and reset resources.
Session Riding
Jenkins Implied Labels Plugin 0.6 and earlier does not perform a permission check in an HTTP endpoint
CVE-2020-2282
4.3 - Medium
- September 23, 2020
Jenkins Implied Labels Plugin 0.6 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to configure the plugin.
AuthZ
Jenkins Liquibase Runner Plugin 1.4.5 and earlier does not escape changeset contents
CVE-2020-2283
5.4 - Medium
- September 23, 2020
Jenkins Liquibase Runner Plugin 1.4.5 and earlier does not escape changeset contents, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by users able to control changeset files evaluated by the plugin.
XSS
Jenkins Liquibase Runner Plugin 1.4.5 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
CVE-2020-2284
7.1 - High
- September 23, 2020
Jenkins Liquibase Runner Plugin 1.4.5 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
XXE
A missing permission check in Jenkins Liquibase Runner Plugin 1.4.7 and earlier
CVE-2020-2285
4.3 - Medium
- September 23, 2020
A missing permission check in Jenkins Liquibase Runner Plugin 1.4.7 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
AuthZ
Jenkins Mailer Plugin 1.32 and earlier does not perform hostname validation when connecting to the configured SMTP server.
CVE-2020-2252
4.8 - Medium
- September 16, 2020
Jenkins Mailer Plugin 1.32 and earlier does not perform hostname validation when connecting to the configured SMTP server.
Improper Certificate Validation
Jenkins Email Extension Plugin 2.75 and earlier does not perform hostname validation when connecting to the configured SMTP server.
CVE-2020-2253
4.8 - Medium
- September 16, 2020
Jenkins Email Extension Plugin 2.75 and earlier does not perform hostname validation when connecting to the configured SMTP server.
Improper Certificate Validation
Jenkins Blue Ocean Plugin 1.23.2 and earlier provides an undocumented feature flag
CVE-2020-2254
6.5 - Medium
- September 16, 2020
Jenkins Blue Ocean Plugin 1.23.2 and earlier provides an undocumented feature flag that, when enabled, allows an attacker with Job/Configure or Job/Create permission to read arbitrary files on the Jenkins controller file system.
Directory traversal
A missing permission check in Jenkins Blue Ocean Plugin 1.23.2 and earlier
CVE-2020-2255
4.3 - Medium
- September 16, 2020
A missing permission check in Jenkins Blue Ocean Plugin 1.23.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL.
AuthZ
Jenkins Pipeline Maven Integration Plugin 3.9.2 and earlier does not escape the upstream job's display name shown as part of a build cause
CVE-2020-2256
5.4 - Medium
- September 16, 2020
Jenkins Pipeline Maven Integration Plugin 3.9.2 and earlier does not escape the upstream job's display name shown as part of a build cause, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.
XSS
Jenkins Health Advisor by CloudBees Plugin 3.2.0 and earlier does not correctly perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to view
CVE-2020-2258
4.3 - Medium
- September 16, 2020
Jenkins Health Advisor by CloudBees Plugin 3.2.0 and earlier does not correctly perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to view that HTTP endpoint.
AuthZ
Jenkins Android Lint Plugin 2.6 and earlier does not escape the annotation message in tooltips
CVE-2020-2262
5.4 - Medium
- September 16, 2020
Jenkins Android Lint Plugin 2.6 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide report files to the plugin's post-build step.
XSS
Jenkins Git Parameter Plugin 0.9.12 and earlier does not escape the repository field on the 'Build with Parameters' page
CVE-2020-2238
5.4 - Medium
- September 01, 2020
Jenkins Git Parameter Plugin 0.9.12 and earlier does not escape the repository field on the 'Build with Parameters' page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.
XSS
Jenkins Cadence vManager Plugin 3.0.4 and earlier does not escape build descriptions in tooltips
CVE-2020-2243
5.4 - Medium
- September 01, 2020
Jenkins Cadence vManager Plugin 3.0.4 and earlier does not escape build descriptions in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Run/Update permission.
XSS
Jenkins Build Failure Analyzer Plugin 1.27.0 and earlier does not escape matching text in a form validation response
CVE-2020-2244
5.4 - Medium
- September 01, 2020
Jenkins Build Failure Analyzer Plugin 1.27.0 and earlier does not escape matching text in a form validation response, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers able to provide console output for builds used to test build log indications.
XSS