CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-34174 – jenkins: Observable timing discrepancy allows determining username validity
https://notcve.org/view.php?id=CVE-2022-34174
In Jenkins 2.355 and earlier, LTS 2.332.3 and earlier, an observable timing discrepancy on the login form allows distinguishing between login attempts with an invalid username, and login attempts with a valid username and wrong password, when using the Jenkins user database security realm. En Jenkins versiones 2.355 y anteriores, LTS versiones 2.332.3 y anteriores, una discrepancia de tiempo observable en el formulario de inicio de sesión permite distinguir entre los intentos de inicio de sesión con un nombre de usuario no válido, y los intentos de inicio de sesión con un nombre de usuario válido y una contraseña incorrecta, cuando se usa el ámbito de seguridad de la base de datos de usuarios de Jenkins • https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2566 https://access.redhat.com/security/cve/CVE-2022-34174 https://bugzilla.redhat.com/show_bug.cgi?id=2119653 • CWE-203: Observable Discrepancy CWE-208: Observable Timing Discrepancy •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-27201
https://notcve.org/view.php?id=CVE-2022-27201
Jenkins Semantic Versioning Plugin 1.13 and earlier does not restrict execution of an controller/agent message to agents, and implements no limitations about the file path that can be parsed, allowing attackers able to control agent processes to have Jenkins parse a crafted file that uses external entities for extraction of secrets from the Jenkins controller or server-side request forgery. El Plugin Semantic Versioning de Jenkins versiones 1.13 y anteriores, no restringe la ejecución de un mensaje de controlador/agente a los agentes, y no implementa limitaciones sobre la ruta del archivo que puede ser analizado, permitiendo a atacantes capaces de controlar los procesos de los agentes hacer que Jenkins analice un archivo diseñado que usa entidades externas para la extracción de secretos del controlador Jenkins o una vulnerabilidad de tipo server-side request forgery • http://www.openwall.com/lists/oss-security/2022/03/15/2 https://www.jenkins.io/security/advisory/2022-03-15/#SECURITY-2124 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-0538
https://notcve.org/view.php?id=CVE-2022-0538
Jenkins 2.333 and earlier, LTS 2.319.2 and earlier defines custom XStream converters that have not been updated to apply the protections for the vulnerability CVE-2021-43859 and allow unconstrained resource usage. Jenkins versiones 2.333 y anteriores, LTS versiones 2.319.2 y anteriores, define convertidores XStream personalizados que no han sido actualizados para aplicar las protecciones para la vulnerabilidad CVE-2021-43859 y permiten el uso de recursos sin restricciones • http://www.openwall.com/lists/oss-security/2022/02/09/1 https://www.jenkins.io/security/advisory/2022-02-09/#SECURITY-2602 • CWE-502: Deserialization of Untrusted Data •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-20612 – jenkins: no POST request is required for the endpoint handling manual build requests which could result in CSRF
https://notcve.org/view.php?id=CVE-2022-20612
A cross-site request forgery (CSRF) vulnerability in Jenkins 2.329 and earlier, LTS 2.319.1 and earlier allows attackers to trigger build of job without parameters when no security realm is set. Una vulnerabilidad de tipo cross-site request forgery (CSRF) en Jenkins versiones 2.329 y anteriores, LTS versiones 2.319.1 y anteriores, permite a atacantes desencadenar una construcción de un trabajo sin parámetros cuando no se establece un ámbito de seguridad A Cross-site request forgery (CSRF) vulnerability was found in Jenkins. The POST requests are not required for the HTTP endpoint handling manual build requests when no security realm is set. This flaw allows an attacker to trigger the building of a job without parameters. • http://www.openwall.com/lists/oss-security/2022/01/12/6 https://www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2558 https://www.oracle.com/security-alerts/cpuapr2022.html https://access.redhat.com/security/cve/CVE-2022-20612 https://bugzilla.redhat.com/show_bug.cgi?id=2044460 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2021-21697 – jenkins: Agent-to-controller access control allows reading/writing most content of build directories
https://notcve.org/view.php?id=CVE-2021-21697
Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allows any agent to read and write the contents of any build directory stored in Jenkins with very few restrictions. Jenkins versiones 2.318 y anteriores, LTS versiones 2.303.2 y anteriores, permiten a cualquier agente leer y escribir el contenido de cualquier directorio de construcción almacenado en Jenkins con muy pocas restricciones An incorrect access restriction vulnerability was found in Jenkins. The directories agents are allowed to access include the directories where there are stored build-related information intended to allow agents to store build-related metadata during build execution. As a consequence, this allows an attacker who controls agent process to read and write the contents of any build directory stored in Jenkins with very few restrictions (build.xml and some Pipeline-related metadata). • http://www.openwall.com/lists/oss-security/2021/11/04/3 https://www.jenkins.io/security/advisory/2021-11-04/#SECURITY-2428 https://access.redhat.com/security/cve/CVE-2021-21697 https://bugzilla.redhat.com/show_bug.cgi?id=2020345 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •