Security
Headlines
HeadlinesLatestCVEs

Tag

#java

GHSA-g8c3-6fj2-87w7: Jenkins Active Directory Plugin vulnerable to Active Directory credential disclosure

Jenkins Active Directory Plugin allows testing a new, unsaved configuration by performing a connection test (the button labeled "Test Domain"). Active Directory Plugin 2.30 and earlier ignores the "Require TLS" and "StartTls" options and always performs the connection test to Active directory unencrypted. This allows attackers able to capture network traffic between the Jenkins controller and Active Directory servers to obtain Active Directory credentials. This only affects the connection test. Connections established during the login process are encrypted if the corresponding TLS option is enabled. Active Directory Plugin 2.30.1 considers the "Require TLS" and "StartTls" options for connection tests.

ghsa
Open in Source
#git#java#maven#ssl
GHSA-w3p4-7823-m33q: Jenkins Datadog Plugin does not perform a permission check in an HTTP endpoint.

Jenkins Datadog Plugin 5.4.1 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. Datadog Plugin 5.4.2 requires Overall/Administer permission to access the affected HTTP endpoint.

GHSA-p4wr-9wfm-f9jw: Jenkins SAML Single Sign On(SSO) Plugin missing permission check

Jenkins SAML Single Sign On(SSO) Plugin 2.3.0 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to download a string representation of the current security realm (Java `Object#toString()`), which potentially includes sensitive information. SAML Single Sign On(SSO) Plugin 2.3.1 requires Overall/Administer permission to access the affected HTTP endpoint, and only allows downloading a string representation if the current security realm is this plugin’s.

GHSA-h656-vmrg-7rr6: Jenkins Test Results Aggregator Plugin missing permission check

Jenkins Test Results Aggregator Plugin 1.2.13 and earlier does not perform a permission check in an HTTP endpoint implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified username and password. Additionally, this HTTP endpoint does not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability.

GHSA-wvgr-5wgr-c6fj: Jenkins mabl Plugin vulnerable to cross-site request forgery

Jenkins mabl Plugin 0.0.46 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. Additionally, these HTTP endpoints do not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability. mabl Plugin 0.0.47 requires POST requests and the appropriate permissions for the affected HTTP endpoints.

GHSA-g4c3-4f3v-84x8: Jenkins External Monitor Job Type Plugin XML external entity vulnerability

Jenkins External Monitor Job Type Plugin 206.v9a_94ff0b_4a_10 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. This allows attackers with Item/Build permission to have Jenkins parse a crafted HTTP request with XML data that uses external entities for extraction of secrets from the Jenkins controller or server-side request forgery. External Monitor Job Type Plugin 207.v98a_a_37a_85525 disables external entity resolution for its XML parser.

GHSA-j54r-w587-95q7: Jenkins Oracle Cloud Infrastructure Compute Plugin missing SSH host key validation

Jenkins Oracle Cloud Infrastructure Compute Plugin 1.0.16 and earlier does not perform SSH host key validation when connecting to OCI clouds. This lack of validation could be abused using a man-in-the-middle attack to intercept these connections to OCI clouds. Oracle Cloud Infrastructure Compute Plugin 1.0.17 provides strategies for performing host key validation for administrators to select the one that meets their security needs.

GHSA-23rr-6phq-5p65: Jenkins mabl Plugin missing permission check

Jenkins mabl Plugin 0.0.46 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another vulnerability. An enumeration of credentials IDs in mabl Plugin 0.0.47 requires the appropriate permissions.

GHSA-4c3q-r84r-q6pp: Jenkins mabl Plugin vulnerable to exposure of system-scooped credentials

Jenkins mabl Plugin 0.0.46 and earlier does not set the appropriate context for credentials lookup, allowing the use of System-scoped credentials otherwise reserved for the global configuration. This allows attackers with Item/Configure permission to access and capture credentials they are not entitled to. mabl Plugin 0.0.47 defines the appropriate context for credentials lookup.

GHSA-hmw6-r547-42fr: Jenkins Pipeline restFul API Plugin vulnerable to Cross Site Request Forgery

Jenkins Pipeline restFul API Plugin 0.11 and earlier does not require POST requests for an HTTP endpoint, resulting in a cross-site request forgery (CSRF) vulnerability. This vulnerability allows attackers to have Jenkins connect to an attacker-specified URL, capturing a newly generated JCLI token that allows impersonating the victim.