
CVE-2024-47805
https://notcve.org/view.php?id=CVE-2024-47805
02 Oct 2024 — Jenkins Credentials Plugin 1380.va_435002fa_924 and earlier, except 1371.1373.v4eb_fa_b_7161e9, does not redact encrypted values of credentials using the `SecretBytes` type when accessing item `config.xml` via REST API or CLI. • https://www.jenkins.io/security/advisory/2024-10-02/#SECURITY-3373 • CWE-522: Insufficiently Protected Credentials •

CVE-2024-47804 – jenkins: Item creation restriction bypass vulnerability
https://notcve.org/view.php?id=CVE-2024-47804
02 Oct 2024 — If an attempt is made to create an item of a type prohibited by `ACL#hasCreatePermission2` or `TopLevelItemDescriptor#isApplicableIn(ItemGroup)` through the Jenkins CLI or the REST API and either of these checks fail, Jenkins 2.478 and earlier, LTS 2.462.2 and earlier creates the item in memory, only deleting it from disk, allowing attackers with Item/Configure permission to save the item to persist it, effectively bypassing the item creation restriction. A flaw was found in Jenkins. When attempting to crea... • https://www.jenkins.io/security/advisory/2024-10-02/#SECURITY-3448 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') CWE-1220: Insufficient Granularity of Access Control •

CVE-2024-42906
https://notcve.org/view.php?id=CVE-2024-42906
26 Aug 2024 — TestLink before v.1.9.20 is vulnerable to Cross Site Scripting (XSS) via the pop-up on upload file. When uploading a file, the XSS payload can be entered into the file name. • https://testlink.org • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVE-2024-43045
https://notcve.org/view.php?id=CVE-2024-43045
07 Aug 2024 — Jenkins 2.470 and earlier, LTS 2.452.3 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to access other users' "My Views". • https://www.jenkins.io/security/advisory/2024-08-07/#SECURITY-3349 • CWE-862: Missing Authorization •

CVE-2024-43044 – jenkins: Arbitrary file read vulnerability through agent connections can lead to RCE
https://notcve.org/view.php?id=CVE-2024-43044
07 Aug 2024 — Jenkins 2.470 and earlier, LTS 2.452.3 and earlier allows agent processes to read arbitrary files from the Jenkins controller file system by using the `ClassLoaderProxy#fetchJar` method in the Remoting library. A vulnerability was found in the Remoting library in Jenkins core, which handles communication between the Jenkins controller and agents. The ClassLoaderProxy#fetchJar function may allow malicious agents or attackers with Agent/Connect permission to read arbitrary files from the Jenkins controller's ... • https://github.com/v9d0g/CVE-2024-43044-POC • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-754: Improper Check for Unusual or Exceptional Conditions •

CVE-2024-5273
https://notcve.org/view.php?id=CVE-2024-5273
24 May 2024 — Jenkins Report Info Plugin 1.2 and earlier does not perform path validation of the workspace directory while serving report files, allowing attackers with Item/Configure permission to retrieve Surefire failures, PMD violations, Findbugs bugs, and Checkstyle errors on the controller file system by editing the workspace path. • http://www.openwall.com/lists/oss-security/2024/05/24/2 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVE-2024-34148
https://notcve.org/view.php?id=CVE-2024-34148
02 May 2024 — Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier programmatically disables the fix for CVE-2016-3721 whenever a build is triggered from a release tag, by setting the Java system property 'hudson.model.ParametersAction.keepUndefinedParameters'. • http://www.openwall.com/lists/oss-security/2024/05/02/3 • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •

CVE-2024-34147
https://notcve.org/view.php?id=CVE-2024-34147
02 May 2024 — Jenkins Telegram Bot Plugin 1.4.0 and earlier stores the Telegram Bot token unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. • http://www.openwall.com/lists/oss-security/2024/05/02/3 • CWE-522: Insufficiently Protected Credentials •

CVE-2024-34146
https://notcve.org/view.php?id=CVE-2024-34146
02 May 2024 — Jenkins Git server Plugin 114.v068a_c7cc2574 and earlier does not perform a permission check for read access to a Git repository over SSH, allowing attackers with a previously configured SSH public key but lacking Overall/Read permission to access these repositories. • http://www.openwall.com/lists/oss-security/2024/05/02/3 • CWE-269: Improper Privilege Management CWE-862: Missing Authorization CWE-863: Incorrect Authorization •

CVE-2024-34145 – jenkins-plugin/script-security: sandbox bypass via sandbox-defined classes
https://notcve.org/view.php?id=CVE-2024-34145
02 May 2024 — A sandbox bypass vulnerability involving sandbox-defined classes that shadow specific non-sandbox-defined classes in Jenkins Script Security Plugin 1335.vf07d9ce377a_e and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM. • http://www.openwall.com/lists/oss-security/2024/05/02/3 • CWE-290: Authentication Bypass by Spoofing CWE-693: Protection Mechanism Failure •