Security
Headlines
HeadlinesLatestCVEs

Source

ghsa

GHSA-r47v-rxcg-p28j: Stored Cross-Site Scripting October CMS

An svg file upload vulnerability in October CMS v3.4.4 allows attackers to execute arbitrary code in the context of a browser via a crafted svg file. Attackers must be authenticated as users.

ghsa
#xss#vulnerability#git#auth
GHSA-rchx-rvh2-vx5j: Credential leakage in Jenkins Plug-in for ServiceNow

A cross-site request forgery vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information. To address this issue, apply the 1.38.1 version of the Jenkins plug-in for ServiceNow DevOps on your Jenkins server. No changes are required on your instances of the Now Platform.

GHSA-5jc5-m87x-88fj: Secret displayed without masking by Chef Identity Plugin

Chef Identity Plugin stores the user.pem key in its global configuration file `io.chef.jenkins.ChefIdentityBuildWrapper.xml` on the Jenkins controller as part of its configuration. While this key is stored encrypted on disk, in Chef Identity Plugin 2.0.3 and earlier the global configuration form does not mask the user.pem key form field, increasing the potential for attackers to observe and capture it.

GHSA-6f4q-f5fj-q6fc: CSRF vulnerability in Bazaar Plugin

A cross-site request forgery (CSRF) vulnerability in Jenkins Bazaar Plugin 1.22 and earlier allows attackers to delete previously created Bazaar SCM tags.

GHSA-69vw-3pcm-84rw: Jenkins Stored Cross-site Scripting vulnerability

Jenkins applies formatting to the console output of builds, transforming plain URLs into hyperlinks. Jenkins 2.415 and earlier, LTS 2.401.2 and earlier does not sanitize or properly encode URLs of these hyperlinks in build logs. This results in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control build log contents. Jenkins 2.416, LTS 2.401.3 encodes URLs of affected hyperlink annotations in build logs.

GHSA-cg6r-gqvc-r396: CSRF vulnerability in GitLab Authentication Plugin

GitLab Authentication Plugin 1.17.1 and earlier does not implement a state parameter in its OAuth flow, a unique and non-guessable value associated with each authentication request. This vulnerability allows attackers to trick users into logging in to the attacker’s account. GitLab Authentication Plugin 1.18 implements a state parameter in its OAuth flow.

GHSA-8wgf-3mrj-73x7: Incorrect permission checks in Qualys Web App Scanning Connector Plugin allow capturing credentials

Incorrect permission checks in Jenkins Qualys Web App Scanning Connector Plugin 2.0.10 and earlier allow attackers with global Item/Configure permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

GHSA-hh7p-hvm3-rg88: Heap buffer overflow in PaddlePaddle

Heap buffer overflow in paddle.trace in PaddlePaddle before 2.5.0. This flaw can lead to a denial of service, information disclosure, or more damage is possible.

GHSA-cv2j-922j-hr56: Float point exception (FPE) in paddlepaddle

FPE in paddle.linalg.matrix_power in PaddlePaddle before 2.5.0. This flaw can cause a runtime crash and a denial of service.

GHSA-9q9v-qgwx-84mr: Command injection in PaddlePaddle

PaddlePaddle before 2.5.0 has a command injection in fs.py. This resulted in the ability to execute arbitrary commands on the operating system.