Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the remote address of the host starting a build via ‘Trigger builds remotely’, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by users with Job/Configure per…
[org.jenkins-ci.plugins:matrix-auth] Improper Neutralization of Input During Web Page Generation in Jenkins Matrix Authorization Strategy Plugin
Jenkins Matrix Authorization Strategy Plugin 2.6.1 and earlier does not escape user names shown in the configuration, resulting in a stored cross-site scripting vulnerability.
References
https://nvd.nist.gov/vuln/detail/CVE-2020-2226
https://jenkins.i…
[org.apache.activemq:artemis-commons] Insufficiently Protected Credentials in ActiveMQ Artemis
A flaw was found in ActiveMQ Artemis management API from version 2.7.0 up until 2.12.0, where a user inadvertently stores passwords in plaintext in the Artemis shadow file (etc/artemis-users.properties file) when executing the resetUsers operation. A l…
[strapi] Improper Input Validation in strapi
Strapi before 3.0.2 could allow a remote authenticated attacker to bypass security restrictions because templates are stored in a global variable without any sanitization. By sending a specially crafted request, an attacker could exploit this vulnerabili…
[org.springframework.batch:spring-batch-core] Deserialization of Untrusted Data in Spring Batch
When configured to enable default typing, Jackson contained a deserialization vulnerability that could lead to arbitrary code execution. Jackson fixed this vulnerability by blacklisting known “deserialization gadgets”. Spring Batch configures Jackson w…
[MISP-maltego] Maltego incorrectly shares a MISP connection across users in a remote-transform use case
MISP MISP-maltego 1.4.4 incorrectly shares a MISP connection across users in a remote-transform use case. Version 1.4.5 contains a patch.
References
https://nvd.nist.gov/vuln/detail/CVE-2020-12889
https://github.com/MISP/MISP-maltego/commit/3ccde66dab…
[io.undertow:undertow-core] Improper Authorization in Undertow
A file inclusion vulnerability was found in the AJP connector enabled with a default AJP configuration port of 8009 in Undertow version 2.0.29.Final and before and was fixed in 2.0.30.Final. A remote, unauthenticated attacker could exploit this vulnera…
[io.undertow:undertow-core] Improper Input Validation in Undertow
A flaw was found in all undertow-2.x.x SP1 versions prior to undertow-2.0.30.SP1, all undertow-1.x.x and undertow-2.x.x versions prior to undertow-2.1.0.Final, where the Servlet container causes servletPath to normalize incorrectly by truncating the pa…
[org.elasticsearch:elasticsearch] Improper Privilege Management in Elasticsearch
Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 contain a privilege escalation flaw if an attacker is able to create API keys. An attacker who is able to generate an API key can perform a series of steps that result in an API key being ge…
[com.gradle.plugin-publish:com.gradle.plugin-publish.gradle.plugin] Exposure of Sensitive Information in Gradle publish plugin
All versions of com.gradle.plugin-publish before 0.11.0 are vulnerable to Insertion of Sensitive Information into Log File. When a plugin author publishes a Gradle plugin while running Gradle with the --info log level flag, the Gradle Logger logs an AW…