CVEdetails.com the ultimate security vulnerability data source

Jenkins: Security Vulnerabilities (CVSS score between 4.0 and 4.99)

Each entry gives: row number, CVE ID, CWE ID, number of public exploits and vulnerability type(s) where recorded, publish date, update date; then the CVSS v2 base score with gained access level, access vector, access complexity, authentication, and confidentiality (C), integrity (I) and availability (A) impact.
401  CVE-2017-1000391  CWE-20  published 2018-01-26, updated 2019-05-08
     CVSS 4.9 | gained access: None | access: Remote | complexity: Medium | authentication: Single system | C: None | I: Partial | A: Partial
Jenkins versions 2.88 and earlier and 2.73.2 and earlier store metadata related to 'people', which encompasses actual user accounts as well as users appearing in SCM, in directories on disk named after the user ID. These directories used the user ID as their name without additional escaping, so a crafted user ID could cause problems such as overwriting unrelated configuration files.
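The defect above is that an attacker-influenced identifier (a committer name taken from an SCM changelog, for instance) was used verbatim as a directory name. The following is an added example, not Jenkins code: it maps any user ID to a single, collision-free path segment and then checks that the resulting directory is a direct child of the users directory. The escaping scheme ($ plus six hex digits), the base path and the sample IDs are constructed for the demonstration and are not the encoding Jenkins itself adopted.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strconv"
	"strings"
)

// plainRune reports whether r may appear unescaped in a directory name.
// The set deliberately excludes '.', '/', '\\', ':' and '$'.
func plainRune(r rune) bool {
	return (r >= 'a' && r <= 'z') || (r >= 'A' && r <= 'Z') ||
		(r >= '0' && r <= '9') || r == '-' || r == '_'
}

// SafeDirName maps an arbitrary user ID to one path segment. Plain runes
// pass through; every other rune becomes '$' followed by six hex digits of
// its code point, so the mapping is injective, contains no separator and
// no '.', and no ID can alias another user's or an unrelated directory.
// (Illustrative scheme, not the encoding Jenkins uses.)
func SafeDirName(userID string) (string, error) {
	if userID == "" {
		return "", errors.New("empty user ID")
	}
	var b strings.Builder
	for _, r := range userID {
		if plainRune(r) {
			b.WriteRune(r)
		} else {
			fmt.Fprintf(&b, "$%06x", r)
		}
	}
	return b.String(), nil
}

// UnescapeDirName inverts SafeDirName, e.g. when listing the users directory.
func UnescapeDirName(name string) (string, error) {
	var b strings.Builder
	for i := 0; i < len(name); {
		if name[i] != '$' {
			b.WriteByte(name[i])
			i++
			continue
		}
		if i+7 > len(name) {
			return "", fmt.Errorf("truncated escape in %q", name)
		}
		cp, err := strconv.ParseUint(name[i+1:i+7], 16, 32)
		if err != nil {
			return "", fmt.Errorf("bad escape in %q: %v", name, err)
		}
		b.WriteRune(rune(cp))
		i += 7
	}
	return b.String(), nil
}

// UserDir returns the on-disk directory for userID under base and, as
// defence in depth, verifies that the result is a direct child of base.
func UserDir(base, userID string) (string, error) {
	seg, err := SafeDirName(userID)
	if err != nil {
		return "", err
	}
	dir := filepath.Join(base, seg)
	if filepath.Dir(dir) != filepath.Clean(base) {
		return "", fmt.Errorf("user ID %q escaped %s", userID, base)
	}
	return dir, nil
}

func main() {
	base := "/var/lib/jenkins/users" // constructed path for the demo
	for _, id := range []string{"alice", "../jobs/deploy", "bob/../../config.xml", "$00002e"} {
		dir, err := UserDir(base, id)
		fmt.Printf("%-24q -> %q err=%v\n", id, dir, err)
	}
}
```

The check in UserDir is redundant once SafeDirName is in place, which is the point: the encoding alone makes traversal impossible, and the containment check catches a future regression in the encoder.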
402  CVE-2017-1000390  CWE-862  published 2018-01-26, updated 2020-08-24
     CVSS 4.0 | gained access: None | access: Remote | complexity: Low | authentication: Single system | C: None | I: Partial | A: None
Jenkins Multijob plugin version 1.25 and earlier did not check permissions in the Resume Build action, allowing anyone with Job/Read permission to resume the build.
403  CVE-2017-1000389  CWE-79  XSS, CSRF  published 2018-01-26, updated 2018-02-12
     CVSS 4.3 | gained access: None | access: Remote | complexity: Medium | authentication: Not required | C: None | I: Partial | A: None
Some URLs provided by Jenkins global-build-stats plugin version 1.4 and earlier returned a JSON response that contained request parameters. These responses were served with Content-Type: text/html, so clients could interpret them as HTML, resulting in a potential reflected cross-site scripting vulnerability. Additionally, some data-modifying URLs provided by the plugin did not require POST requests, resulting in a potential cross-site request forgery vulnerability.
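The two defects above are independent and each needs its own fix: the echoed JSON must be declared as JSON (and not sniffable), and a URL that changes state must refuse GET. The following added example, which is not global-build-stats plugin code, puts a handler with both defects next to a hardened one and probes them in memory. The /stats/update path, the chartName parameter and the chartSettings map are constructed for the demonstration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// chartSettings stands in for the plugin's stored data (constructed for the demo).
var chartSettings = map[string]string{}

// vulnerableUpdate mirrors the two defects: it accepts GET for a state
// change, echoes the parameter unescaped, and labels JSON as text/html.
func vulnerableUpdate(w http.ResponseWriter, r *http.Request) {
	name := r.URL.Query().Get("chartName")
	chartSettings["chart"] = name
	w.Header().Set("Content-Type", "text/html")
	fmt.Fprintf(w, `{"status":"ok","chartName":"%s"}`, name)
}

// hardenedUpdate requires POST (a cross-site <img> or <a> cannot issue
// one), declares the body as JSON, forbids MIME sniffing, and lets
// encoding/json escape '<', '>' and '&' in the echoed value.
func hardenedUpdate(w http.ResponseWriter, r *http.Request) {
	if r.Method != http.MethodPost {
		w.Header().Set("Allow", http.MethodPost)
		http.Error(w, "POST required", http.StatusMethodNotAllowed)
		return
	}
	name := r.FormValue("chartName")
	chartSettings["chart"] = name
	w.Header().Set("Content-Type", "application/json")
	w.Header().Set("X-Content-Type-Options", "nosniff")
	json.NewEncoder(w).Encode(map[string]string{"status": "ok", "chartName": name})
}

// Probe runs one in-memory request against a handler and returns the recorded response.
func Probe(h http.HandlerFunc, method, target string) *httptest.ResponseRecorder {
	rec := httptest.NewRecorder()
	h(rec, httptest.NewRequest(method, target, nil))
	return rec
}

func main() {
	// Reflected payload, percent-encoded as a browser would send it.
	target := "/stats/update?chartName=%3Cscript%3Ealert(1)%3C%2Fscript%3E"
	cases := []struct {
		name string
		h    http.HandlerFunc
		m    string
	}{
		{"vulnerable GET", vulnerableUpdate, http.MethodGet},
		{"hardened GET", hardenedUpdate, http.MethodGet},
		{"hardened POST", hardenedUpdate, http.MethodPost},
	}
	for _, c := range cases {
		rec := Probe(c.h, c.m, target)
		fmt.Printf("%-15s -> %d %-25s %s\n", c.name, rec.Code,
			rec.Header().Get("Content-Type"), strings.TrimSpace(rec.Body.String()))
	}
}
```

Requiring POST is the minimum; Jenkins additionally protects POST endpoints with a CSRF crumb, which this example does not reproduce.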
404  CVE-2017-1000388  CWE-862  published 2018-01-26, updated 2020-08-24
     CVSS 4.0 | gained access: None | access: Remote | complexity: Low | authentication: Single system | C: None | I: Partial | A: None
Jenkins Dependency Graph Viewer plugin 0.12 and earlier did not perform permission checks for the API endpoint that modifies the dependency graph, allowing anyone with Overall/Read permission to modify this data.
405  CVE-2017-1000355  CWE-502  published 2018-01-29, updated 2018-02-15
     CVSS 4.0 | gained access: None | access: Remote | complexity: Low | authentication: Single system | C: None | I: None | A: Partial
Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to a Java crash in XStream when it is made to instantiate void/Void.
406  CVE-2017-1000243  CWE-862  published 2017-11-01, updated 2020-08-24
     CVSS 4.0 | gained access: None | access: Remote | complexity: Low | authentication: Single system | C: None | I: Partial | A: None
Jenkins Favorite Plugin 2.1.4 and older does not perform permission checks when changing favorite status, allowing any user to set any other user's favorites.
407  CVE-2017-1000114  CWE-200  XSS, Information gain  published 2017-10-05, updated 2017-10-17
     CVSS 4.3 | gained access: None | access: Remote | complexity: Medium | authentication: Not required | C: Partial | I: None | A: None
The Datadog Plugin stores an API key to access the Datadog service in the global Jenkins configuration. While the API key is stored encrypted on disk, it was transmitted in plain text as part of the configuration form. This could result in exposure of the API key for example through browser extensions or cross-site scripting vulnerabilities. The Datadog Plugin now encrypts the API key transmitted to administrators viewing the global configuration form.
408  CVE-2017-1000110  CWE-287  published 2017-10-05, updated 2019-10-03
     CVSS 4.0 | gained access: None | access: Remote | complexity: Low | authentication: Single system | C: None | I: Partial | A: None
Blue Ocean allows the creation of GitHub organization folders that are set up to scan a GitHub organization for repositories and branches containing a Jenkinsfile, and create corresponding pipelines in Jenkins. It did not properly check the current user's authentication and authorization when configuring existing GitHub organization folders. This allowed users with read access to the GitHub organization folder to reconfigure it, including changing the GitHub API endpoint for the organization folder to an attacker-controlled server to obtain the GitHub access token, if the organization folder was initially created using Blue Ocean.
409  CVE-2017-1000109  CWE-79  XSS  published 2017-10-05, updated 2017-10-19
     CVSS 4.3 | gained access: None | access: Remote | complexity: Medium | authentication: Not required | C: None | I: Partial | A: None
The custom Details view of the Static Analysis Utilities based OWASP Dependency-Check Plugin was vulnerable to a persistent cross-site scripting vulnerability: malicious users able to influence the input to this plugin could insert arbitrary HTML into this view.
410  CVE-2017-1000104  CWE-269  published 2017-10-05, updated 2019-10-03
     CVSS 4.0 | gained access: None | access: Remote | complexity: Low | authentication: Single system | C: Partial | I: None | A: None
The Config File Provider Plugin is used to centrally manage configuration files that often include secrets, such as passwords. Users with only Overall/Read access to Jenkins were able to access URLs directly that allowed viewing these files. Access to view these files now requires sufficient permissions to configure the provided files, view the configuration of the folder in which the configuration files are defined, or have Job/Configure permissions to a job able to use these files.
411  CVE-2017-1000095  CWE-732  published 2017-10-05, updated 2019-10-03
     CVSS 4.0 | gained access: None | access: Remote | complexity: Low | authentication: Single system | C: Partial | I: None | A: None
The default whitelist of the script security sandbox included the following unsafe entries: DefaultGroovyMethods.putAt(Object, String, Object); DefaultGroovyMethods.getAt(Object, String). These allowed circumventing many of the access restrictions implemented in the script sandbox by using e.g. currentBuild['rawBuild'] rather than currentBuild.rawBuild. Additionally, the following entries allowed accessing private data that would not be accessible otherwise due to script security: groovy.json.JsonOutput.toJson(Closure); groovy.json.JsonOutput.toJson(Object).
412  CVE-2017-1000094  CWE-200  Information gain  published 2017-10-05, updated 2017-10-17
     CVSS 4.0 | gained access: None | access: Remote | complexity: Low | authentication: Single system | C: Partial | I: None | A: None
Docker Commons Plugin provides a list of applicable credential IDs to allow users configuring a job to select the one they'd like to use to authenticate with a Docker Registry. This functionality did not check permissions, allowing any user with Overall/Read permission to get a list of valid credential IDs. Those could be used as part of an attack to capture the credentials using another vulnerability.
413  CVE-2017-1000087  CWE-200  Information gain  published 2017-10-05, updated 2017-11-02
     CVSS 4.0 | gained access: None | access: Remote | complexity: Low | authentication: Single system | C: Partial | I: None | A: None
GitHub Branch Source provides a list of applicable credential IDs to allow users configuring a job to select the one they'd like to use. This functionality did not check permissions, allowing any user with Overall/Read permission to get a list of valid credential IDs. Those could be used as part of an attack to capture the credentials using another vulnerability.
414  CVE-2017-1000085  CWE-352  CSRF  published 2017-10-05, updated 2017-11-02
     CVSS 4.3 | gained access: None | access: Remote | complexity: Medium | authentication: Not required | C: Partial | I: None | A: None
Subversion Plugin connects to a user-specified Subversion repository as part of form validation (e.g. to retrieve a list of tags). This functionality improperly checked permissions, allowing any user with Item/Build permission (but not Item/Configure) to connect to any web server or Subversion server and send credentials with a known ID, thereby possibly capturing them. Additionally, this functionality did not require POST requests, so the above could be performed without direct access to Jenkins via cross-site request forgery attacks.
415  CVE-2017-1000084  CWE-276  published 2017-10-05, updated 2019-10-03
     CVSS 4.0 | gained access: None | access: Remote | complexity: Low | authentication: Single system | C: None | I: Partial | A: None
The Parameterized Trigger Plugin did not check the Item/Build permission of the build authentication it was running as, and so allowed triggering any other project in Jenkins.
416  CVE-2017-2651  CWE-200  Information gain  published 2018-07-27, updated 2019-10-09
     CVSS 4.3 | gained access: None | access: Remote | complexity: Medium | authentication: Not required | C: Partial | I: None | A: None
jenkins-mailer-plugin before version 1.20 is vulnerable to an information disclosure when using the feature that sends emails to a dynamically created list of users based on the changelogs. Because recipients were mapped using only the local part of email addresses, emails could in some cases be sent to people who have no user account in Jenkins, and in rare cases even to people who were not involved in the project being built.
417  CVE-2017-2611  CWE-863  published 2018-05-08, updated 2020-09-09
     CVSS 4.0 | gained access: None | access: Remote | complexity: Low | authentication: Single system | C: None | I: None | A: Partial
Jenkins before versions 2.44, 2.32.2 is vulnerable to an insufficient permission check for periodic processes (SECURITY-389). The URLs /workspaceCleanup and /fingerprintCleanup did not perform permission checks, allowing users with read access to Jenkins to trigger these background processes (otherwise run daily), possibly causing additional load on the Jenkins master and agents.
418  CVE-2017-2609  CWE-200  Information gain  published 2018-05-22, updated 2019-10-09
     CVSS 4.0 | gained access: None | access: Remote | complexity: Low | authentication: Single system | C: Partial | I: None | A: None
Jenkins before versions 2.44, 2.32.2 is vulnerable to an information disclosure vulnerability in search suggestions (SECURITY-385). The autocomplete feature on the search box discloses the names of views in its suggestions, including views the current user does not have access to.
419  CVE-2017-2606  CWE-200  Information gain  published 2018-05-08, updated 2019-10-09
     CVSS 4.0 | gained access: None | access: Remote | complexity: Low | authentication: Single system | C: Partial | I: None | A: None
Jenkins before versions 2.44, 2.32.2 is vulnerable to an information exposure in the internal API that allows access to item names that should not be visible (SECURITY-380). This only affected anonymous users (other users legitimately have access) who could obtain a list of items via an UnprotectedRootAction.
420  CVE-2017-2604  CWE-287  published 2018-05-15, updated 2019-10-09
     CVSS 4.0 | gained access: None | access: Remote | complexity: Low | authentication: Single system | C: None | I: Partial | A: None
In Jenkins before versions 2.44, 2.32.2 low privilege users were able to act on administrative monitors due to them not being consistently protected by permission checks (SECURITY-371).
421  CVE-2017-2602  CWE: none listed  published 2018-05-15, updated 2019-10-09
     CVSS 4.0 | gained access: None | access: Remote | complexity: Low | authentication: Single system | C: None | I: Partial | A: None
Jenkins before versions 2.44, 2.32.2 is vulnerable to an improper blacklisting of the Pipeline metadata files in the agent-to-master security subsystem. This could allow malicious agents to write to these metadata files (SECURITY-358).
422  CVE-2017-2600  CWE-200  Information gain  published 2018-05-15, updated 2019-10-09
     CVSS 4.0 | gained access: None | access: Remote | complexity: Low | authentication: Single system | C: Partial | I: None | A: None
In Jenkins before versions 2.44, 2.32.2 node monitor data could be viewed by low privilege users via the remote API. This data included system configuration and runtime information of these nodes (SECURITY-343).
423  CVE-2017-2598  CWE-326  published 2018-05-23, updated 2019-10-09
     CVSS 4.0 | gained access: None | access: Remote | complexity: Low | authentication: Single system | C: Partial | I: None | A: None
Jenkins before versions 2.44, 2.32.2 encrypts secrets with AES in ECB mode. ECB uses no IV, so equal plaintexts (and equal 16-byte blocks within one plaintext) always produce equal ciphertext, which exposes Jenkins and the stored secrets to unnecessary risk (SECURITY-304).
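What ECB leaks is structure, not the key: anyone who can read two config.xml files (a situation several rows on this page describe) can tell whether they hold the same secret, and a secret with internal repetition shows that repetition block by block. The added example below, which is not Jenkins code, reproduces ECB by encrypting each AES block independently (Go's standard library omits an ECB mode on purpose) and contrasts it with CBC under a fresh random IV, the usual remedy. The key, the sample secrets and the repeated block are constructed for the demonstration.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// pkcs7Pad pads to a whole number of AES blocks without touching the caller's slice.
func pkcs7Pad(b []byte) []byte {
	n := aes.BlockSize - len(b)%aes.BlockSize
	out := make([]byte, 0, len(b)+n)
	out = append(out, b...)
	return append(out, bytes.Repeat([]byte{byte(n)}, n)...)
}

// EncryptECB: same key and same plaintext block give the same ciphertext
// block, wherever the block occurs and whichever file it is stored in.
func EncryptECB(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	pt := pkcs7Pad(plaintext)
	ct := make([]byte, len(pt))
	for i := 0; i < len(pt); i += aes.BlockSize {
		block.Encrypt(ct[i:i+aes.BlockSize], pt[i:i+aes.BlockSize])
	}
	return ct, nil
}

// EncryptCBC prefixes a fresh random IV and chains the blocks, so equal
// secrets (and equal blocks inside one secret) no longer look alike.
func EncryptCBC(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	pt := pkcs7Pad(plaintext)
	out := make([]byte, aes.BlockSize+len(pt))
	iv := out[:aes.BlockSize]
	if _, err := rand.Read(iv); err != nil {
		return nil, err
	}
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(out[aes.BlockSize:], pt)
	return out, nil
}

// DuplicateBlocks counts ciphertext blocks that repeat an earlier block:
// a nonzero count is the fingerprint of ECB (or of a reused IV).
func DuplicateBlocks(ct []byte) int {
	seen := map[string]int{}
	dups := 0
	for i := 0; i+aes.BlockSize <= len(ct); i += aes.BlockSize {
		k := string(ct[i : i+aes.BlockSize])
		if seen[k] > 0 {
			dups++
		}
		seen[k]++
	}
	return dups
}

func main() {
	key := bytes.Repeat([]byte{0x42}, 16) // constructed demo key, not a real master key
	secret := []byte("deploy-token-2017") // constructed secret shared by two jobs
	a, _ := EncryptECB(key, secret)
	b, _ := EncryptECB(key, secret)
	fmt.Println("ECB: two jobs, same secret, identical ciphertext:", bytes.Equal(a, b))
	c, _ := EncryptCBC(key, secret)
	d, _ := EncryptCBC(key, secret)
	fmt.Println("CBC: two jobs, same secret, identical ciphertext:", bytes.Equal(c, d))
	repetitive := bytes.Repeat([]byte("AAAABBBBCCCCDDDD"), 4) // constructed, 4 equal blocks
	e, _ := EncryptECB(key, repetitive)
	f, _ := EncryptCBC(key, repetitive)
	fmt.Println("duplicate blocks, ECB:", DuplicateBlocks(e), " CBC:", DuplicateBlocks(f))
}
```

CBC hides equality but does not detect tampering; a deployment designing this today would use an AEAD mode (AES-GCM) with a unique nonce per secret, which also covers the integrity side.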
424  CVE-2016-4988  CWE-79  XSS  published 2017-02-09, updated 2019-10-28
     CVSS 4.3 | gained access: None | access: Remote | complexity: Medium | authentication: Not required | C: None | I: Partial | A: None
Cross-site scripting (XSS) vulnerability in the Build Failure Analyzer plugin before 1.16.0 in Jenkins allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter.
425  CVE-2016-4987  CWE-22  Directory traversal  published 2017-02-09, updated 2019-10-28
     CVSS 4.0 | gained access: None | access: Remote | complexity: Low | authentication: Single system | C: Partial | I: None | A: None
Directory traversal vulnerability in the Image Gallery plugin before 1.4 in Jenkins allows remote attackers to list arbitrary directories and read arbitrary files via unspecified form fields.
426  CVE-2016-3727  CWE-200  Information gain  published 2016-05-17, updated 2018-01-05
     CVSS 4.0 | gained access: None | access: Remote | complexity: Low | authentication: Single system | C: Partial | I: None | A: None
The API URL computer/(master)/api/xml in Jenkins before 2.3 and LTS before 1.651.2 allows remote authenticated users with extended read permission for the master node to obtain sensitive information about the global configuration via unspecified vectors.
427  CVE-2016-3724  CWE-200  Information gain  published 2016-05-17, updated 2018-01-05
     CVSS 4.0 | gained access: None | access: Remote | complexity: Low | authentication: Single system | C: Partial | I: None | A: None
Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with extended read access to obtain sensitive password information by reading a job configuration.
428  CVE-2016-3723  CWE-200  Information gain  published 2016-05-17, updated 2018-01-05
     CVSS 4.0 | gained access: None | access: Remote | complexity: Low | authentication: Single system | C: Partial | I: None | A: None
Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with read access to obtain sensitive plugin installation information by leveraging missing permissions checks in unspecified XML/JSON API endpoints.
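Jenkins core entries on this page name two fix versions each: a weekly release (two components, "2.44" or "2.3") and an LTS release (three components, "2.32.2" or "1.651.2"). Triage means placing an installed version on the right line and comparing against that line's fix, numerically rather than as a decimal (2.3 is older than 2.30). The added example below, which is not CVEdetails or Jenkins code, does that for a handful of the rows above and below; the advisory table, the sample versions and the function names are constructed for the demonstration, with the version strings taken from the descriptions on this page.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// CoreAdvisory records the first safe release on each Jenkins line.
type CoreAdvisory struct {
	CVE         string
	FixedWeekly string // first safe weekly release (x.y)
	FixedLTS    string // first safe LTS release (x.y.z)
}

// advisories is constructed from rows on this page; extend it from the
// "before X and LTS before Y" wording of the descriptions.
var advisories = []CoreAdvisory{
	{"CVE-2017-2611", "2.44", "2.32.2"},
	{"CVE-2017-2598", "2.44", "2.32.2"},
	{"CVE-2016-3727", "2.3", "1.651.2"},
	{"CVE-2016-0789", "1.650", "1.642.2"},
}

func parseVersion(v string) ([]int, error) {
	parts := strings.Split(strings.TrimSpace(v), ".")
	out := make([]int, len(parts))
	for i, p := range parts {
		n, err := strconv.Atoi(p)
		if err != nil {
			return nil, fmt.Errorf("bad version %q", v)
		}
		out[i] = n
	}
	return out, nil
}

// compareVersions is lexicographic on numeric components; a missing
// trailing component counts as 0, so 2.44 == 2.44.0 and 2.3 < 2.30.
func compareVersions(a, b []int) int {
	for i := 0; i < len(a) || i < len(b); i++ {
		var x, y int
		if i < len(a) {
			x = a[i]
		}
		if i < len(b) {
			y = b[i]
		}
		if x < y {
			return -1
		}
		if x > y {
			return 1
		}
	}
	return 0
}

// IsLTS: Jenkins LTS versions carry a third component (2.32.2); weeklies do not (2.44).
func IsLTS(installed string) bool { return strings.Count(installed, ".") == 2 }

// Affected reports whether installed is older than the fix on its own line.
func Affected(installed string, adv CoreAdvisory) (bool, error) {
	have, err := parseVersion(installed)
	if err != nil {
		return false, err
	}
	fix := adv.FixedWeekly
	if IsLTS(installed) {
		fix = adv.FixedLTS
	}
	want, err := parseVersion(fix)
	if err != nil {
		return false, err
	}
	return compareVersions(have, want) < 0, nil
}

// OpenCVEs lists the advisories an installed version is still exposed to.
func OpenCVEs(installed string) ([]string, error) {
	var open []string
	for _, adv := range advisories {
		hit, err := Affected(installed, adv)
		if err != nil {
			return nil, err
		}
		if hit {
			open = append(open, adv.CVE)
		}
	}
	return open, nil
}

func main() {
	for _, v := range []string{"2.32.1", "2.32.2", "2.43", "2.46.1", "1.642.1"} {
		open, err := OpenCVEs(v)
		fmt.Printf("Jenkins %-8s LTS=%-5v open: %v err=%v\n", v, IsLTS(v), open, err)
	}
}
```

The comparison is deliberately line-local: an LTS 2.46.1 is judged against 2.32.2, not against the weekly 2.44, because LTS baselines are cut from a later weekly and carry its fixes.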
429  CVE-2016-3722  CWE-264  DoS  published 2016-05-17, updated 2018-01-05
     CVSS 4.0 | gained access: None | access: Remote | complexity: Low | authentication: Single system | C: None | I: None | A: Partial
Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with multiple accounts to cause a denial of service (unable to log in) by editing the "full name."
430  CVE-2016-3721  CWE-17  published 2016-05-17, updated 2018-01-05
     CVSS 4.0 | gained access: None | access: Remote | complexity: Low | authentication: Single system | C: None | I: Partial | A: None
Jenkins before 2.3 and LTS before 1.651.2 might allow remote authenticated users to inject arbitrary build parameters into the build environment via environment variables.
431  CVE-2016-0789  CWE-20  HTTP response splitting  published 2016-04-07, updated 2018-01-05
     CVSS 4.3 | gained access: None | access: Remote | complexity: Medium | authentication: Not required | C: None | I: Partial | A: None
CRLF injection vulnerability in the CLI command documentation in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
432  CVE-2015-5326  CWE-79  XSS  published 2015-11-25, updated 2019-12-17
     CVSS 4.3 | gained access: None | access: Remote | complexity: Medium | authentication: Not required | C: None | I: Partial | A: None
Cross-site scripting (XSS) vulnerability in the slave overview page in Jenkins before 1.638 and LTS before 1.625.2 allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via the slave offline status message.
433  CVE-2015-1813  CWE-79  XSS  published 2015-10-16, updated 2016-06-15
     CVSS 4.3 | gained access: None | access: Remote | complexity: Medium | authentication: Not required | C: None | I: Partial | A: None
Cross-site scripting (XSS) vulnerability in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-1812.
434  CVE-2015-1812  CWE-79  XSS  published 2015-10-16, updated 2016-06-15
     CVSS 4.3 | gained access: None | access: Remote | complexity: Medium | authentication: Not required | C: None | I: Partial | A: None
Cross-site scripting (XSS) vulnerability in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-1813.
435  CVE-2015-1810  CWE-264  Privilege gain  published 2015-10-16, updated 2016-06-15
     CVSS 4.6 | gained access: None | access: Remote | complexity: High | authentication: Single system | C: Partial | I: Partial | A: Partial
The HudsonPrivateSecurityRealm class in Jenkins before 1.600 and LTS before 1.596.1 does not restrict access to reserved names when using the "Jenkins' own user database" setting, which allows remote attackers to gain privileges by creating a reserved name.
436  CVE-2014-3681  CWE-79  XSS  published 2014-10-15, updated 2018-12-18
     CVSS 4.3 | gained access: None | access: Remote | complexity: Medium | authentication: Not required | C: None | I: Partial | A: None
Cross-site scripting (XSS) vulnerability in Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
437  CVE-2014-3680  CWE-200  Information gain  published 2014-10-16, updated 2016-06-15
     CVSS 4.0 | gained access: None | access: Remote | complexity: Low | authentication: Single system | C: Partial | I: None | A: None
Jenkins before 1.583 and LTS before 1.565.3 allows remote authenticated users with the Job/READ permission to obtain the default value for the password field of a parameterized job by reading the DOM.
438  CVE-2014-3667  CWE-200  Information gain  published 2014-10-16, updated 2016-06-15
     CVSS 4.0 | gained access: None | access: Remote | complexity: Low | authentication: Single system | C: Partial | I: None | A: None
Jenkins before 1.583 and LTS before 1.565.3 does not properly prevent downloading of plugins, which allows remote authenticated users with the Overall/READ permission to obtain sensitive information by reading the plugin code.
439  CVE-2014-3664  CWE-22  Directory traversal  published 2014-10-15, updated 2017-08-29
     CVSS 4.0 | gained access: None | access: Remote | complexity: Low | authentication: Single system | C: Partial | I: None | A: None
Directory traversal vulnerability in Jenkins before 1.583 and LTS before 1.565.3 allows remote authenticated users with the Overall/READ permission to read arbitrary files via unspecified vectors.
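Both traversal entries on this page (the Image Gallery plugin row above and this core row) come down to the same missing step: a user-supplied relative path was joined to a root directory without proving that the cleaned result still lies under that root. The added example below is not Jenkins or Image Gallery plugin code; it shows that containment check on its own, with a constructed workspace path and constructed requests. The value passed in must already be URL-decoded, since "%2e%2e" only becomes ".." after decoding.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

var ErrOutsideRoot = errors.New("requested path escapes the root directory")

// ResolveInside joins the trusted root with an untrusted, already-decoded
// relative path and proves that the cleaned result is root or one of its
// descendants. Absolute paths, NUL bytes, a bare "..", and sequences such
// as "a/../../x" all fail the Rel check. Symlinks inside root are not
// considered; resolve them with filepath.EvalSymlinks first if the root
// may contain any.
func ResolveInside(root, untrusted string) (string, error) {
	root = filepath.Clean(root)
	if filepath.IsAbs(untrusted) || strings.ContainsRune(untrusted, 0) {
		return "", ErrOutsideRoot
	}
	full := filepath.Join(root, untrusted) // Join cleans, so ".." segments collapse here
	rel, err := filepath.Rel(root, full)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrOutsideRoot
	}
	return full, nil
}

func main() {
	root := "/var/lib/jenkins/workspace/gallery/images" // constructed path
	for _, req := range []string{
		"logo.png",
		"thumbs/../logo.png",
		"../../../../../../etc/passwd",
		"..",
		"/etc/passwd",
	} {
		p, err := ResolveInside(root, req)
		fmt.Printf("%-32q -> %q %v\n", req, p, err)
	}
}
```

Checking the string prefix of the joined path is not enough on its own (a root of /srv/ws would accept /srv/ws-other), which is why the example relies on filepath.Rel. Go 1.20 and later also provide filepath.IsLocal for the same decision.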
440  CVE-2014-2065  CWE-79  XSS  published 2014-10-17, updated 2016-06-13
     CVSS 4.3 | gained access: None | access: Remote | complexity: Medium | authentication: Not required | C: None | I: Partial | A: None
Cross-site scripting (XSS) vulnerability in Jenkins before 1.551 and LTS before 1.532.2 allows remote attackers to inject arbitrary web script or HTML via the iconSize cookie.
441  CVE-2013-7330  CWE-264  published 2014-10-17, updated 2016-06-13
     CVSS 4.0 | gained access: None | access: Remote | complexity: Low | authentication: Single system | C: None | I: Partial | A: None
Jenkins before 1.502 allows remote authenticated users to configure an otherwise restricted project via vectors related to post-build actions.
442  CVE-2013-5573  CWE-79  1 exploit  XSS  published 2013-12-31, updated 2017-08-29
     CVSS 4.3 | gained access: None | access: Remote | complexity: Medium | authentication: Not required | C: None | I: Partial | A: None
Cross-site scripting (XSS) vulnerability in the default markup formatter in Jenkins 1.523 allows remote attackers to inject arbitrary web script or HTML via the Description field in the user configuration.
443  CVE-2013-0331  CWE-20  DoS  published 2013-03-19, updated 2016-06-13
     CVSS 4.0 | gained access: None | access: Remote | complexity: Low | authentication: Single system | C: None | I: None | A: Partial
Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to cause a denial of service via a crafted payload.
444  CVE-2013-0330  CWE: none listed  published 2013-03-19, updated 2016-06-13
     CVSS 4.0 | gained access: None | access: Remote | complexity: Low | authentication: Single system | C: None | I: Partial | A: None
Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to build arbitrary jobs via unknown attack vectors.
445  CVE-2013-0328  CWE-352  XSS  published 2013-03-19, updated 2016-06-13
     CVSS 4.3 | gained access: None | access: Remote | complexity: Medium | authentication: Not required | C: None | I: Partial | A: None
Cross-site scripting (XSS) vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
446  CVE-2012-6072  CWE-20  HTTP response splitting  published 2013-02-24, updated 2018-10-30
     CVSS 4.3 | gained access: None | access: Remote | complexity: Medium | authentication: Not required | C: None | I: Partial | A: None
CRLF injection vulnerability in Jenkins before 1.491, Jenkins LTS before 1.480.1, and Jenkins Enterprise 1.424.x before 1.424.6.13, 1.447.x before 1.447.4.1, and 1.466.x before 1.466.10.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
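The two CRLF injection rows on this page (CVE-2016-0789 above and this one) share one mechanism: a request-derived value copied into a response header carries its own "\r\n", so the bytes after it are parsed as further headers, or, after a blank line, as a body the attacker controls. The added example below is not Jenkins code; it builds a redirect by hand with and without the control-byte check and parses the result the way a client would. The attacker value, path and cookie name are constructed for the demonstration.

```go
package main

import (
	"bufio"
	"fmt"
	"net/textproto"
	"strings"
)

// Injected is a constructed attacker value: a plausible path followed by
// CRLF, a forged header, a blank line and an HTML body.
const Injected = "/job/build\r\nSet-Cookie: JSESSIONID=attacker\r\n\r\n<script>alert(1)</script>"

// VulnerableRedirect copies the untrusted value into the header block
// unchecked, so the CRLF inside it terminates the Location header.
func VulnerableRedirect(location string) string {
	return "HTTP/1.1 302 Found\r\nLocation: " + location + "\r\nContent-Length: 0\r\n\r\n"
}

// SafeRedirect rejects any control byte (CR, LF, NUL, ...) in the value.
// Every code path that writes a header field value must make this check,
// or delegate to a library that does.
func SafeRedirect(location string) (string, error) {
	for i := 0; i < len(location); i++ {
		if c := location[i]; c < 0x20 || c == 0x7f {
			return "", fmt.Errorf("control byte 0x%02x in header value", c)
		}
	}
	return VulnerableRedirect(location), nil
}

// ParseHeaders reads the status line and the first header block the way a
// client or proxy does, which is what decides which headers take effect.
func ParseHeaders(raw string) (textproto.MIMEHeader, error) {
	r := textproto.NewReader(bufio.NewReader(strings.NewReader(raw)))
	if _, err := r.ReadLine(); err != nil {
		return nil, err
	}
	return r.ReadMIMEHeader()
}

func main() {
	h, _ := ParseHeaders(VulnerableRedirect(Injected))
	fmt.Printf("vulnerable: Location=%q Set-Cookie=%q\n", h.Get("Location"), h.Get("Set-Cookie"))
	if _, err := SafeRedirect(Injected); err != nil {
		fmt.Println("hardened:  ", err)
	}
}
```

The response is assembled as a string deliberately: Go's net/http replaces CR and LF in header values with spaces when it writes them, so going through http.ResponseWriter would hide the defect the example is meant to show.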
447  CVE-2012-4441  CWE-79  XSS  published 2019-11-18, updated 2019-11-19
     CVSS 4.3 | gained access: None | access: Remote | complexity: Medium | authentication: Not required | C: None | I: Partial | A: None
Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML in the CI game plugin.
448  CVE-2012-4440  CWE-79  XSS  published 2019-11-18, updated 2019-11-19
     CVSS 4.3 | gained access: None | access: Remote | complexity: Medium | authentication: Not required | C: None | I: Partial | A: None
Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML in the Violations plugin.
449  CVE-2012-4439  CWE-79  XSS  published 2019-11-18, updated 2019-11-19
     CVSS 4.3 | gained access: None | access: Remote | complexity: Medium | authentication: Not required | C: None | I: Partial | A: None
Cross-site Scripting (XSS) in Jenkins main before 1.482 and LTS before 1.466.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL that points to Jenkins.
450  CVE-2012-0325  CWE-79  XSS  published 2012-03-09, updated 2018-10-30
     CVSS 4.3 | gained access: None | access: Remote | complexity: Medium | authentication: Not required | C: None | I: Partial | A: None
Cross-site scripting (XSS) vulnerability in Jenkins before 1.454, Jenkins LTS before 1.424.5, and Jenkins Enterprise 1.400.x before 1.400.0.13 and 1.424.x before 1.424.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0324.
Total number of vulnerabilities: 442 (page 9 of 9)