CVSS: 4.8EPSS: 0%CPEs: 5EXPL: 0CVE-2019-10383 – jenkins: stored cross-site scripting in update center web pages (SECURITY-1453)
https://notcve.org/view.php?id=CVE-2019-10383
A stored cross-site scripting vulnerability in Jenkins 2.191 and earlier, LTS 2.176.2 and earlier allowed attackers with Overall/Administer permission to configure the update site URL to inject arbitrary HTML and JavaScript in update center web pages. Una vulnerabilidad de secuencias de comandos entre sitios almacenada en Jenkins 2.191 y anteriores, LTS 2.176.2 y anteriores permitía a los atacantes con permiso General / Administrar configurar la URL del sitio de actualización para inyectar HTML y JavaScript arbitrarios en las páginas web del centro de actualizaciones. • http://www.openwall.com/lists/oss-security/2019/08/28/4 https://access.redhat.com/errata/RHSA-2019:2789 https://access.redhat.com/errata/RHSA-2019:3144 https://jenkins.io/security/advisory/2019-08-28/#SECURITY-1453 https://www.oracle.com/security-alerts/cpuapr2022.html https://access.redhat.com/security/cve/CVE-2019-10383 https://bugzilla.redhat.com/show_bug.cgi?id=1747293 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 55%CPEs: 2EXPL: 1CVE-2019-10352 – jenkins: Arbitrary file write vulnerability using file parameter definitions (SECURITY-1424)
https://notcve.org/view.php?id=CVE-2019-10352
A path traversal vulnerability in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier in core/src/main/java/hudson/model/FileParameterValue.java allowed attackers with Job/Configure permission to define a file parameter with a file name outside the intended directory, resulting in an arbitrary file write on the Jenkins master when scheduling a build. Una vulnerabilidad de salto de ruta (path) en Jenkins versiones 2.185 y anteriores, LTS versiones 2.176.1 y anteriores, en el archivo core/src/main/java/hudson/model/ FileParameterValue.java permitía a los atacantes con permiso de Trabajo y Configuración definir un parámetro file con un nombre de archivo fuera del directorio previsto, resultando en una escritura de archivo arbitraria en el maestro de Jenkins al programar una compilación. • http://www.openwall.com/lists/oss-security/2019/07/17/2 http://www.securityfocus.com/bid/109299 https://access.redhat.com/errata/RHSA-2019:2503 https://access.redhat.com/errata/RHSA-2019:2548 https://jenkins.io/security/advisory/2019-07-17/#SECURITY-1424 https://www.tenable.com/security/research/tra-2019-35 https://access.redhat.com/security/cve/CVE-2019-10352 https://bugzilla.redhat.com/show_bug.cgi?id=1730824 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-10353 – jenkins: CSRF protection tokens did not expire (SECURITY-626)
https://notcve.org/view.php?id=CVE-2019-10353
CSRF tokens in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier did not expire, thereby allowing attackers able to obtain them to bypass CSRF protection. Unos tokens de tipo CSRF en Jenkins versiones 2.185 y anteriores, LTS versiones 2.176.1 y anteriores, no expiraron, de este modo permitieron a atacantes capaces de lograrlo omitir la protección de tipo CSRF. A flaw was found in Jenkins in weekly versions prior to 2.186 and LTS versions prior to 2.176.2. By default, CSRF tokens in Jenkins only checked user authentication and IP address which allowed attackers able to obtain a CSRF token for another user. This allowed an attacker to implement CSRF attacks as long as the victim’s IP address remained unchanged. • http://www.openwall.com/lists/oss-security/2019/07/17/2 http://www.securityfocus.com/bid/109373 https://access.redhat.com/errata/RHSA-2019:2503 https://access.redhat.com/errata/RHSA-2019:2548 https://jenkins.io/security/advisory/2019-07-17/#SECURITY-626 https://access.redhat.com/security/cve/CVE-2019-10353 https://bugzilla.redhat.com/show_bug.cgi?id=1730877 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2019-10354 – jenkins: Unauthorized view fragment access (SECURITY-534)
https://notcve.org/view.php?id=CVE-2019-10354
A vulnerability in the Stapler web framework used in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier allowed attackers to access view fragments directly, bypassing permission checks and possibly obtain sensitive information. Una vulnerabilidad en el framework web Stapler usado en Jenkins versiones 2.185 y anteriores, LTS versiones 2.176.1 y anteriores, ha permitido a los atacantes acceder directamente a los fragmentos de visualización, omitiendo las comprobaciones de permisos y posiblemente obtener información confidencial. • http://www.openwall.com/lists/oss-security/2019/07/17/2 http://www.securityfocus.com/bid/109373 https://access.redhat.com/errata/RHSA-2019:2503 https://access.redhat.com/errata/RHSA-2019:2548 https://jenkins.io/security/advisory/2019-07-17/#SECURITY-534 https://access.redhat.com/security/cve/CVE-2019-10354 https://bugzilla.redhat.com/show_bug.cgi?id=1730869 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-862: Missing Authorization •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2019-1003050
https://notcve.org/view.php?id=CVE-2019-1003050
The f:validateButton form control for the Jenkins UI did not properly escape job URLs in Jenkins 2.171 and earlier and Jenkins LTS 2.164.1 and earlier, resulting in a cross-site scripting (XSS) vulnerability exploitable by users with the ability to control job names. El control de formulario f: validateButton para la interfaz de usuario de Jenkins no escapa apropiadamente de las URL de tareas en Jenkins versión 2.171 y anteriores y Jenkins LTS versión 2.164.1 y anteriores, resultando en una vulnerabilidad de tipo cross-site scripting (XSS) explotable por los usuarios con la capacidad de controlar los nombre de tarea. • http://www.securityfocus.com/bid/107889 https://access.redhat.com/errata/RHBA-2019:1605 https://jenkins.io/security/advisory/2019-04-10/#SECURITY-1327 https://www.oracle.com/security-alerts/cpuapr2022.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •