CVE-2017-1000392
https://notcve.org/view.php?id=CVE-2017-1000392
Jenkins 2.88 and earlier; 2.73.2 and earlier Autocompletion suggestions for text fields were not escaped, resulting in a persisted cross-site scripting vulnerability if the source for the suggestions allowed specifying text that includes HTML metacharacters like less-than and greater-than characters. En Jenkins 2.88 y anteriores y 2.73 y anteriores, las sugerencias de autocompletar para los campos de texto no se escaparon, lo que resulta en una vulnerabilidad de Cross-Site Scripting (XSS) persistente si el origen para las sugerencias permitía especificar texto que incluye metacaracteres como menor que y mayor que. • http://www.securityfocus.com/bid/101773 http://www.securityfocus.com/bid/102826 https://jenkins.io/security/advisory/2017-11-08 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2017-1000401
https://notcve.org/view.php?id=CVE-2017-1000401
The Jenkins 2.73.1 and earlier, 2.83 and earlier default form control for passwords and other secrets, <f:password/>, supports form validation (e.g. for API keys). The form validation AJAX requests were sent via GET, which could result in secrets being logged to a HTTP access log in non-default configurations of Jenkins, and made available to users with access to these log files. Form validation for <f:password/> is now always sent via POST, which is typically not logged. El control de formularios por defecto en Jenkins 2.73.1 y anteriores y 2.83 y anteriores para contraseñas y otros secretos, , es compatible con validación de formularios (por ejemplo, para claves API). Las peticiones AJAX de validación de formularios se enviaron mediante GET, lo que podría resultar en que los secretos se registren en un log de acceso HTTP en configuraciones que no son por defecto de Jenkins y se pongan a disposición de usuarios con acceso a estos archivos de registro. • https://jenkins.io/security/advisory/2017-10-11 • CWE-20: Improper Input Validation •
CVE-2017-1000399
https://notcve.org/view.php?id=CVE-2017-1000399
The Jenkins 2.73.1 and earlier, 2.83 and earlier remote API at /queue/item/(ID)/api showed information about tasks in the queue (typically builds waiting to start). This included information about tasks that the current user otherwise has no access to, e.g. due to lack of Item/Read permission. This has been fixed, and the API endpoint is now only available for tasks that the current user has access to. La API remota de Jenkins 2.73.1 y anteriores y 2.83 y anteriores en /queue/item/(ID)/api mostraba información sobre las tareas en la cola (normalmente, builds esperando iniciarse). Esto incluía información sobre tareas que, de otra forma, no son accesibles para el usuario actual, por ejemplo, debido a la falta de permisos Item/Read. • https://jenkins.io/security/advisory/2017-10-11 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2017-1000394
https://notcve.org/view.php?id=CVE-2017-1000394
Jenkins 2.73.1 and earlier, 2.83 and earlier bundled a version of the commons-fileupload library with the denial-of-service vulnerability known as CVE-2016-3092. The fix for that vulnerability has been backported to the version of the library bundled with Jenkins. Jenkins 2.73.1 y anteriores y 2.83 y anteriores incluía una versión de la biblioteca commons-fileupload con la vulnerabilidad de denegación de servicio (DoS) conocida como CVE-2016-3092. La solución para esa vulnerabilidad se ha trasladado a la versión de la biblioteca incluida con Jenkins. • https://jenkins.io/security/advisory/2017-10-11 • CWE-20: Improper Input Validation •
CVE-2017-1000396
https://notcve.org/view.php?id=CVE-2017-1000396
Jenkins 2.73.1 and earlier, 2.83 and earlier bundled a version of the commons-httpclient library with the vulnerability CVE-2012-6153 that incorrectly verified SSL certificates, making it susceptible to man-in-the-middle attacks. This library is widely used as a transitive dependency in Jenkins plugins. The fix for CVE-2012-6153 was backported to the version of commons-httpclient that is bundled in core and made available to plugins. Jenkins 2.73.1 y anteriores y 2.83 y anteriores incluía una versión de la biblioteca commons-httpclient con la vulnerabilidad CVE-2012-6153 que verificaba incorrectamente los certificados SSL, volviéndolo susceptible a ataques de Man-in-the-Middle (MitM). Esta biblioteca es ampliamente empleada como dependencia transitiva en los plugins de Jenkins. • https://jenkins.io/security/advisory/2017-10-11 • CWE-295: Improper Certificate Validation •