Vulnerabilites related to jenkins - email_extension
Vulnerability from fkie_nvd
Published
2023-02-15 14:15
Modified
2025-03-19 19:15
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
Jenkins Email Extension Plugin 2.93 and earlier does not escape various fields included in bundled email templates, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control affected fields.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| jenkinsci-cert@googlegroups.com | http://www.openwall.com/lists/oss-security/2023/02/15/4 | Mailing List, Third Party Advisory | |
| jenkinsci-cert@googlegroups.com | https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-2931 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2023/02/15/4 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-2931 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | email_extension | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:jenkins:email_extension:*:*:*:*:*:jenkins:*:*", matchCriteriaId: "0EAD1FED-8A76-46BE-BA9A-4407E1368FE4", versionEndExcluding: "2.93.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Jenkins Email Extension Plugin 2.93 and earlier does not escape various fields included in bundled email templates, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control affected fields.", }, ], id: "CVE-2023-25763", lastModified: "2025-03-19T19:15:39.867", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-02-15T14:15:13.543", references: [ { source: "jenkinsci-cert@googlegroups.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/02/15/4", }, { source: "jenkinsci-cert@googlegroups.com", tags: [ "Vendor Advisory", ], url: "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-2931", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/02/15/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-2931", }, ], sourceIdentifier: "jenkinsci-cert@googlegroups.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2023-05-16 16:15
Modified
2025-01-23 16:15
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Summary
A cross-site request forgery (CSRF) vulnerability in Jenkins Email Extension Plugin allows attackers to make another user stop watching an attacker-specified job.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | email_extension | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:jenkins:email_extension:*:*:*:*:*:jenkins:*:*", matchCriteriaId: "9535EDB3-7B12-415E-BF46-065A4840C828", versionEndIncluding: "2.96", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A cross-site request forgery (CSRF) vulnerability in Jenkins Email Extension Plugin allows attackers to make another user stop watching an attacker-specified job.", }, ], id: "CVE-2023-32980", lastModified: "2025-01-23T16:15:29.967", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-05-16T16:15:10.753", references: [ { source: "jenkinsci-cert@googlegroups.com", tags: [ "Vendor Advisory", ], url: "https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3088%20(2)", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3088%20(2)", }, ], sourceIdentifier: "jenkinsci-cert@googlegroups.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-352", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-352", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2018-05-08 15:29
Modified
2024-11-21 03:39
Severity ?
Summary
An exposure of sensitive information vulnerability exists in Jenkins Email Extension Plugin 2.61 and older in src/main/resources/hudson/plugins/emailext/ExtendedEmailPublisher/global.groovy and ExtendedEmailPublisherDescriptor.java that allows attackers with control of a Jenkins administrator's web browser (e.g. malicious extension) to retrieve the configured SMTP password.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://jenkins.io/security/advisory/2018-04-16/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jenkins.io/security/advisory/2018-04-16/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | email_extension | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:jenkins:email_extension:*:*:*:*:*:jenkins:*:*", matchCriteriaId: "139B8DE8-92AB-4F2C-88EE-EF8FB2D52611", versionEndIncluding: "2.61", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An exposure of sensitive information vulnerability exists in Jenkins Email Extension Plugin 2.61 and older in src/main/resources/hudson/plugins/emailext/ExtendedEmailPublisher/global.groovy and ExtendedEmailPublisherDescriptor.java that allows attackers with control of a Jenkins administrator's web browser (e.g. malicious extension) to retrieve the configured SMTP password.", }, { lang: "es", value: "Existe una vulnerabilidad de exposición de información sensible en el plugin Email Extension en versiones 2.61 y posteriores para Jenkins en src/main/resources/hudson/plugins/emailext/ExtendedEmailPublisher/global.groovy y ExtendedEmailPublisherDescriptor.java que permite que los atacantes que tengan el control del navegador web del administrador de Jenkinks (por ejemplo, una extensión maliciosa) recuperen la contraseña SMTP configurada.", }, ], id: "CVE-2018-1000176", lastModified: "2024-11-21T03:39:51.363", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "NONE", baseScore: 4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:S/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-05-08T15:29:00.410", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://jenkins.io/security/advisory/2018-04-16/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://jenkins.io/security/advisory/2018-04-16/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-08-06 22:29
Modified
2024-11-21 03:23
Severity ?
3.7 (Low) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
jenkins-email-ext before version 2.57.1 is vulnerable to an Information Exposure. The Email Extension Plugins is able to send emails to a dynamically created list of users based on the changelogs, like authors of SCM changes since the last successful build. This could in some cases result in emails being sent to people who have no user account in Jenkins, and in rare cases even people who were not involved in whatever project was being built, due to some mapping based on the local-part of email addresses.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2654 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://jenkins.io/security/advisory/2017-03-20/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2654 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jenkins.io/security/advisory/2017-03-20/ | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | email_extension | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:jenkins:email_extension:*:*:*:*:*:jenkins:*:*", matchCriteriaId: "974DEFB4-058D-421D-92CB-41EDC610E22E", versionEndExcluding: "2.57.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "jenkins-email-ext before version 2.57.1 is vulnerable to an Information Exposure. The Email Extension Plugins is able to send emails to a dynamically created list of users based on the changelogs, like authors of SCM changes since the last successful build. This could in some cases result in emails being sent to people who have no user account in Jenkins, and in rare cases even people who were not involved in whatever project was being built, due to some mapping based on the local-part of email addresses.", }, { lang: "es", value: "jenkins-email-ext en versiones anteriores a la 2.57.1 es vulnerable a una exposición de información. Email Extension Plugins puede enviar emails a una lista de usuarios creada dinámicamente en base a los changelogs, como los autores de cambios en SCM desde la última build exitosa. En algunos casos, esto podría resultar en el envío de emails a personas que no tienen cuenta de usuario en Jenkins y, en casos más raros, incluso a personas que no estuvieron implicadas en el proyecto que se esté realizando, debido al mapeo basado en la parte local de las direcciones de email.", }, ], id: "CVE-2017-2654", lastModified: "2024-11-21T03:23:55.120", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 1.4, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-08-06T22:29:00.280", references: [ { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2654", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://jenkins.io/security/advisory/2017-03-20/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2654", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://jenkins.io/security/advisory/2017-03-20/", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-05-16 16:15
Modified
2025-01-23 16:15
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
Jenkins Email Extension Plugin does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of files in the email-templates/ directory in the Jenkins home directory on the controller file system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | email_extension | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:jenkins:email_extension:*:*:*:*:*:jenkins:*:*", matchCriteriaId: "9535EDB3-7B12-415E-BF46-065A4840C828", versionEndIncluding: "2.96", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Jenkins Email Extension Plugin does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of files in the email-templates/ directory in the Jenkins home directory on the controller file system.", }, ], id: "CVE-2023-32979", lastModified: "2025-01-23T16:15:29.793", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-05-16T16:15:10.673", references: [ { source: "jenkinsci-cert@googlegroups.com", tags: [ "Vendor Advisory", ], url: "https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3088%20(1)", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3088%20(1)", }, ], sourceIdentifier: "jenkinsci-cert@googlegroups.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-732", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-732", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2019-03-08 21:29
Modified
2024-11-21 04:17
Severity ?
Summary
A sandbox bypass vulnerability exists in Jenkins Email Extension Plugin 2.64 and earlier in pom.xml, src/main/java/hudson/plugins/emailext/ExtendedEmailPublisher.java, src/main/java/hudson/plugins/emailext/plugins/content/EmailExtScript.java, src/main/java/hudson/plugins/emailext/plugins/content/ScriptContent.java, src/main/java/hudson/plugins/emailext/plugins/trigger/AbstractScriptTrigger.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| jenkinsci-cert@googlegroups.com | http://www.securityfocus.com/bid/107476 | Third Party Advisory, VDB Entry | |
| jenkinsci-cert@googlegroups.com | https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1340 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107476 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1340 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | email_extension | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:jenkins:email_extension:*:*:*:*:*:jenkins:*:*", matchCriteriaId: "54B60B71-2D72-48D3-8B50-260D397D6DF7", versionEndIncluding: "2.64", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A sandbox bypass vulnerability exists in Jenkins Email Extension Plugin 2.64 and earlier in pom.xml, src/main/java/hudson/plugins/emailext/ExtendedEmailPublisher.java, src/main/java/hudson/plugins/emailext/plugins/content/EmailExtScript.java, src/main/java/hudson/plugins/emailext/plugins/content/ScriptContent.java, src/main/java/hudson/plugins/emailext/plugins/trigger/AbstractScriptTrigger.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM.", }, { lang: "es", value: "Existe una vulnerabilidad de omisión de sandbox en el plugin Jenkins Email Extension, en su versión 2.64 y anteriores, en pom.xml, src/main/java/hudson/plugins/emailext/ExtendedEmailPublisher.java, src/main/java/hudson/plugins/emailext/plugins/content/EmailExtScript.java, src/main/java/hudson/plugins/emailext/plugins/content/ScriptContent.java y src/main/java/hudson/plugins/emailext/plugins/trigger/AbstractScriptTrigger.jav que permite a los atacantes con permisos de \"Job/Configure\" ejecutar código arbitrario en el maestro JVM de Jenkins.", }, ], id: "CVE-2019-1003032", lastModified: "2024-11-21T04:17:46.590", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-08T21:29:00.420", references: [ { source: "jenkinsci-cert@googlegroups.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107476", }, { source: "jenkinsci-cert@googlegroups.com", tags: [ "Vendor Advisory", ], url: "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1340", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107476", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1340", }, ], sourceIdentifier: "jenkinsci-cert@googlegroups.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-09-16 14:15
Modified
2024-11-21 05:25
Severity ?
Summary
Jenkins Email Extension Plugin 2.75 and earlier does not perform hostname validation when connecting to the configured SMTP server.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | email_extension | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:jenkins:email_extension:*:*:*:*:*:jenkins:*:*", matchCriteriaId: "B4E98509-EF05-444B-AE18-ACEBD5F55C85", versionEndIncluding: "2.75", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Jenkins Email Extension Plugin 2.75 and earlier does not perform hostname validation when connecting to the configured SMTP server.", }, { lang: "es", value: "Jenkins Email Extension Plugin versiones 2.75 y anteriores, no lleva a cabo la comprobación del hostname cuando se conecta al servidor SMTP configurado", }, ], id: "CVE-2020-2253", lastModified: "2024-11-21T05:25:06.083", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.8, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 2.5, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-09-16T14:15:13.097", references: [ { source: "jenkinsci-cert@googlegroups.com", tags: [ "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2020/09/16/3", }, { source: "jenkinsci-cert@googlegroups.com", tags: [ "Vendor Advisory", ], url: "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1851", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2020/09/16/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1851", }, ], sourceIdentifier: "jenkinsci-cert@googlegroups.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-295", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-08-12 14:15
Modified
2024-11-21 05:25
Severity ?
Summary
Jenkins Email Extension Plugin 2.72 and 2.73 transmits and displays the SMTP password in plain text as part of the global Jenkins configuration form, potentially resulting in its exposure.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| jenkinsci-cert@googlegroups.com | http://www.openwall.com/lists/oss-security/2020/08/12/4 | Mailing List, Third Party Advisory | |
| jenkinsci-cert@googlegroups.com | https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1975 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2020/08/12/4 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1975 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | email_extension | 2.72 | |
| jenkins | email_extension | 2.73 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:jenkins:email_extension:2.72:*:*:*:*:jenkins:*:*", matchCriteriaId: "5481330F-72C8-45BC-B206-51D524B53B12", vulnerable: true, }, { criteria: "cpe:2.3:a:jenkins:email_extension:2.73:*:*:*:*:jenkins:*:*", matchCriteriaId: "9738E957-891A-42C7-A27C-113BC16F87AE", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Jenkins Email Extension Plugin 2.72 and 2.73 transmits and displays the SMTP password in plain text as part of the global Jenkins configuration form, potentially resulting in its exposure.", }, { lang: "es", value: "Jenkins Email Extension Plugin versiones 2.72 y 2.73, transmite y muestra la contraseña SMTP en texto plano como parte del formulario de configuración global de Jenkins, resultando potencialmente en su exposición", }, ], id: "CVE-2020-2232", lastModified: "2024-11-21T05:25:01.887", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-08-12T14:15:13.330", references: [ { source: "jenkinsci-cert@googlegroups.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2020/08/12/4", }, { source: "jenkinsci-cert@googlegroups.com", tags: [ "Vendor Advisory", ], url: "https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1975", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2020/08/12/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1975", }, ], sourceIdentifier: "jenkinsci-cert@googlegroups.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-319", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-15 14:15
Modified
2025-03-19 17:15
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
Jenkins Email Extension Plugin 2.93 and earlier does not escape, sanitize, or sandbox rendered email template output or log output generated during template rendering, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create or change custom email templates.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| jenkinsci-cert@googlegroups.com | http://www.openwall.com/lists/oss-security/2023/02/15/4 | Mailing List, Third Party Advisory | |
| jenkinsci-cert@googlegroups.com | https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-2934 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2023/02/15/4 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-2934 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | email_extension | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:jenkins:email_extension:*:*:*:*:*:jenkins:*:*", matchCriteriaId: "0EAD1FED-8A76-46BE-BA9A-4407E1368FE4", versionEndExcluding: "2.93.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Jenkins Email Extension Plugin 2.93 and earlier does not escape, sanitize, or sandbox rendered email template output or log output generated during template rendering, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create or change custom email templates.", }, ], id: "CVE-2023-25764", lastModified: "2025-03-19T17:15:38.530", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.3, impactScore: 2.7, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-02-15T14:15:13.617", references: [ { source: "jenkinsci-cert@googlegroups.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/02/15/4", }, { source: "jenkinsci-cert@googlegroups.com", tags: [ "Vendor Advisory", ], url: "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-2934", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/02/15/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-2934", }, ], sourceIdentifier: "jenkinsci-cert@googlegroups.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2023-02-15 14:15
Modified
2025-03-19 17:15
Severity ?
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
In Jenkins Email Extension Plugin 2.93 and earlier, templates defined inside a folder were not subject to Script Security protection, allowing attackers able to define email templates in folders to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| jenkinsci-cert@googlegroups.com | http://www.openwall.com/lists/oss-security/2023/02/15/4 | Mailing List, Third Party Advisory | |
| jenkinsci-cert@googlegroups.com | https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-2939 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2023/02/15/4 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-2939 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| jenkins | email_extension | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:jenkins:email_extension:*:*:*:*:*:jenkins:*:*", matchCriteriaId: "0EAD1FED-8A76-46BE-BA9A-4407E1368FE4", versionEndExcluding: "2.93.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In Jenkins Email Extension Plugin 2.93 and earlier, templates defined inside a folder were not subject to Script Security protection, allowing attackers able to define email templates in folders to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.", }, ], id: "CVE-2023-25765", lastModified: "2025-03-19T17:15:38.733", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-02-15T14:15:13.700", references: [ { source: "jenkinsci-cert@googlegroups.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/02/15/4", }, { source: "jenkinsci-cert@googlegroups.com", tags: [ "Vendor Advisory", ], url: "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-2939", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2023/02/15/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-2939", }, ], sourceIdentifier: "jenkinsci-cert@googlegroups.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-693", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
cve-2018-1000176
Vulnerability from cvelistv5
Published
2018-05-08 15:00
Modified
2024-09-16 22:45
Severity ?
EPSS score ?
Summary
An exposure of sensitive information vulnerability exists in Jenkins Email Extension Plugin 2.61 and older in src/main/resources/hudson/plugins/emailext/ExtendedEmailPublisher/global.groovy and ExtendedEmailPublisherDescriptor.java that allows attackers with control of a Jenkins administrator's web browser (e.g. malicious extension) to retrieve the configured SMTP password.
References
| ▼ | URL | Tags |
|---|---|---|
| https://jenkins.io/security/advisory/2018-04-16/ | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T12:33:49.412Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://jenkins.io/security/advisory/2018-04-16/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], dateAssigned: "2018-04-30T00:00:00", descriptions: [ { lang: "en", value: "An exposure of sensitive information vulnerability exists in Jenkins Email Extension Plugin 2.61 and older in src/main/resources/hudson/plugins/emailext/ExtendedEmailPublisher/global.groovy and ExtendedEmailPublisherDescriptor.java that allows attackers with control of a Jenkins administrator's web browser (e.g. malicious extension) to retrieve the configured SMTP password.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-05-08T15:00:00Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://jenkins.io/security/advisory/2018-04-16/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", DATE_ASSIGNED: "2018-04-30T20:15:49.357035", DATE_REQUESTED: "2018-04-16T00:00:00", ID: "CVE-2018-1000176", REQUESTER: "ml@beckweb.net", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An exposure of sensitive information vulnerability exists in Jenkins Email Extension Plugin 2.61 and older in src/main/resources/hudson/plugins/emailext/ExtendedEmailPublisher/global.groovy and ExtendedEmailPublisherDescriptor.java that allows attackers with control of a Jenkins administrator's web browser (e.g. malicious extension) to retrieve the configured SMTP password.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://jenkins.io/security/advisory/2018-04-16/", refsource: "CONFIRM", url: "https://jenkins.io/security/advisory/2018-04-16/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-1000176", datePublished: "2018-05-08T15:00:00Z", dateReserved: "2018-05-08T00:00:00Z", dateUpdated: "2024-09-16T22:45:15.588Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-2232
Vulnerability from cvelistv5
Published
2020-08-12 13:25
Modified
2024-08-04 07:01
Severity ?
EPSS score ?
Summary
Jenkins Email Extension Plugin 2.72 and 2.73 transmits and displays the SMTP password in plain text as part of the global Jenkins configuration form, potentially resulting in its exposure.
References
| ▼ | URL | Tags |
|---|---|---|
| https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1975 | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2020/08/12/4 | mailing-list, x_refsource_MLIST |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Jenkins project | Jenkins Email Extension Plugin |
Version: 2.72 < unspecified Version: unspecified < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:01:41.190Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1975", }, { name: "[oss-security] 20200812 Multiple vulnerabilities in Jenkins and Jenkins plugins", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2020/08/12/4", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Jenkins Email Extension Plugin", vendor: "Jenkins project", versions: [ { lessThan: "unspecified", status: "affected", version: "2.72", versionType: "custom", }, { lessThanOrEqual: "2.73", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", value: "Jenkins Email Extension Plugin 2.72 and 2.73 transmits and displays the SMTP password in plain text as part of the global Jenkins configuration form, potentially resulting in its exposure.", }, ], providerMetadata: { dateUpdated: "2023-10-24T16:07:29.894Z", orgId: "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", shortName: "jenkins", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1975", }, { name: "[oss-security] 20200812 Multiple vulnerabilities in Jenkins and Jenkins plugins", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2020/08/12/4", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "jenkinsci-cert@googlegroups.com", ID: "CVE-2020-2232", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Jenkins Email Extension Plugin", version: { version_data: [ { version_affected: ">=", version_value: "2.72", }, { version_affected: "<=", version_value: "2.73", }, ], }, }, ], }, vendor_name: "Jenkins project", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Jenkins Email Extension Plugin 2.72 and 2.73 transmits and displays the SMTP password in plain text as part of the global Jenkins configuration form, potentially resulting in its exposure.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-319: Cleartext Transmission of Sensitive Information", }, ], }, ], }, references: { reference_data: [ { name: "https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1975", refsource: "CONFIRM", url: "https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1975", }, { name: "[oss-security] 20200812 Multiple vulnerabilities in Jenkins and Jenkins plugins", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2020/08/12/4", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", assignerShortName: "jenkins", cveId: "CVE-2020-2232", datePublished: "2020-08-12T13:25:22", dateReserved: "2019-12-05T00:00:00", dateUpdated: "2024-08-04T07:01:41.190Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-25764
Vulnerability from cvelistv5
Published
2023-02-15 00:00
Modified
2025-03-19 16:24
Severity ?
EPSS score ?
Summary
Jenkins Email Extension Plugin 2.93 and earlier does not escape, sanitize, or sandbox rendered email template output or log output generated during template rendering, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create or change custom email templates.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Jenkins Project | Jenkins Email Extension Plugin |
Version: 0 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T11:32:12.218Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-2934", }, { name: "[oss-security] 20230215 Multiple vulnerabilities in Jenkins plugins", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/02/15/4", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2023-25764", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-19T16:24:22.210634Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-19T16:24:33.099Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "Jenkins Email Extension Plugin", vendor: "Jenkins Project", versions: [ { lessThanOrEqual: "2.93", status: "affected", version: "0", versionType: "maven", }, { status: "unaffected", version: "2.89.0.1", }, ], }, ], descriptions: [ { lang: "en", value: "Jenkins Email Extension Plugin 2.93 and earlier does not escape, sanitize, or sandbox rendered email template output or log output generated during template rendering, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create or change custom email templates.", }, ], providerMetadata: { dateUpdated: "2023-10-24T14:16:55.183Z", orgId: "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", shortName: "jenkins", }, references: [ { url: "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-2934", }, { name: "[oss-security] 20230215 Multiple vulnerabilities in Jenkins plugins", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2023/02/15/4", }, ], }, }, cveMetadata: { assignerOrgId: "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", assignerShortName: "jenkins", cveId: "CVE-2023-25764", datePublished: "2023-02-15T00:00:00.000Z", dateReserved: "2023-02-14T00:00:00.000Z", dateUpdated: "2025-03-19T16:24:33.099Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-2654
Vulnerability from cvelistv5
Published
2018-08-06 22:00
Modified
2024-08-05 14:02
Severity ?
EPSS score ?
Summary
jenkins-email-ext before version 2.57.1 is vulnerable to an Information Exposure. The Email Extension Plugins is able to send emails to a dynamically created list of users based on the changelogs, like authors of SCM changes since the last successful build. This could in some cases result in emails being sent to people who have no user account in Jenkins, and in rare cases even people who were not involved in whatever project was being built, due to some mapping based on the local-part of email addresses.
References
| ▼ | URL | Tags |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2654 | x_refsource_CONFIRM | |
| https://jenkins.io/security/advisory/2017-03-20/ | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| [UNKNOWN] | jenkins-email-ext |
Version: 2.57.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T14:02:06.940Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2654", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://jenkins.io/security/advisory/2017-03-20/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "jenkins-email-ext", vendor: "[UNKNOWN]", versions: [ { status: "affected", version: "2.57.1", }, ], }, ], datePublic: "2017-03-20T00:00:00", descriptions: [ { lang: "en", value: "jenkins-email-ext before version 2.57.1 is vulnerable to an Information Exposure. The Email Extension Plugins is able to send emails to a dynamically created list of users based on the changelogs, like authors of SCM changes since the last successful build. This could in some cases result in emails being sent to people who have no user account in Jenkins, and in rare cases even people who were not involved in whatever project was being built, due to some mapping based on the local-part of email addresses.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.7, baseSeverity: "LOW", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2018-08-06T21:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2654", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://jenkins.io/security/advisory/2017-03-20/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2017-2654", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "jenkins-email-ext", version: { version_data: [ { version_value: "2.57.1", }, ], }, }, ], }, vendor_name: "[UNKNOWN]", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "jenkins-email-ext before version 2.57.1 is vulnerable to an Information Exposure. The Email Extension Plugins is able to send emails to a dynamically created list of users based on the changelogs, like authors of SCM changes since the last successful build. This could in some cases result in emails being sent to people who have no user account in Jenkins, and in rare cases even people who were not involved in whatever project was being built, due to some mapping based on the local-part of email addresses.", }, ], }, impact: { cvss: [ [ { vectorString: "3.7/CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-200", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2654", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2654", }, { name: "https://jenkins.io/security/advisory/2017-03-20/", refsource: "CONFIRM", url: "https://jenkins.io/security/advisory/2017-03-20/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2017-2654", datePublished: "2018-08-06T22:00:00", dateReserved: "2016-12-01T00:00:00", dateUpdated: "2024-08-05T14:02:06.940Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32979
Vulnerability from cvelistv5
Published
2023-05-16 16:00
Modified
2025-01-23 16:04
Severity ?
EPSS score ?
Summary
Jenkins Email Extension Plugin does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of files in the email-templates/ directory in the Jenkins home directory on the controller file system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3088%20(1) | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Jenkins Project | Jenkins Email Extension Plugin |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:32:46.506Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "Jenkins Security Advisory 2023-05-16", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3088%20(1)", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2023-32979", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-23T16:03:36.350483Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-732", description: "CWE-732 Incorrect Permission Assignment for Critical Resource", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-23T16:04:34.885Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "Jenkins Email Extension Plugin", vendor: "Jenkins Project", versions: [ { lessThan: "*", status: "unaffected", version: "2.96.1", versionType: "maven", }, { lessThan: "2.89.0.*", status: "unaffected", version: "2.89.0.2", versionType: "maven", }, ], }, ], descriptions: [ { lang: "en", value: "Jenkins Email Extension Plugin does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of files in the email-templates/ directory in the Jenkins home directory on the controller file system.", }, ], providerMetadata: { dateUpdated: "2023-10-24T12:49:58.935Z", orgId: "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", shortName: "jenkins", }, references: [ { name: "Jenkins Security Advisory 2023-05-16", tags: [ "vendor-advisory", ], url: "https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3088%20(1)", }, ], }, }, cveMetadata: { assignerOrgId: "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", assignerShortName: "jenkins", cveId: "CVE-2023-32979", datePublished: "2023-05-16T16:00:00.471Z", dateReserved: "2023-05-16T10:55:43.518Z", dateUpdated: "2025-01-23T16:04:34.885Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-25763
Vulnerability from cvelistv5
Published
2023-02-15 00:00
Modified
2025-03-19 18:47
Severity ?
EPSS score ?
Summary
Jenkins Email Extension Plugin 2.93 and earlier does not escape various fields included in bundled email templates, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control affected fields.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Jenkins Project | Jenkins Email Extension Plugin |
Version: unspecified < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T11:32:12.390Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-2931", }, { name: "[oss-security] 20230215 Multiple vulnerabilities in Jenkins plugins", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/02/15/4", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2023-25763", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-03-19T18:47:30.417127Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-19T18:47:34.681Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Jenkins Email Extension Plugin", vendor: "Jenkins Project", versions: [ { lessThanOrEqual: "2.93", status: "affected", version: "unspecified", versionType: "custom", }, { status: "unaffected", version: "2.89.0.1", }, ], }, ], descriptions: [ { lang: "en", value: "Jenkins Email Extension Plugin 2.93 and earlier does not escape various fields included in bundled email templates, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control affected fields.", }, ], providerMetadata: { dateUpdated: "2023-10-24T12:48:56.193Z", orgId: "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", shortName: "jenkins", }, references: [ { url: "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-2931", }, { name: "[oss-security] 20230215 Multiple vulnerabilities in Jenkins plugins", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2023/02/15/4", }, ], }, }, cveMetadata: { assignerOrgId: "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", assignerShortName: "jenkins", cveId: "CVE-2023-25763", datePublished: "2023-02-15T00:00:00.000Z", dateReserved: "2023-02-14T00:00:00.000Z", dateUpdated: "2025-03-19T18:47:34.681Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-2253
Vulnerability from cvelistv5
Published
2020-09-16 13:20
Modified
2024-08-04 07:01
Severity ?
EPSS score ?
Summary
Jenkins Email Extension Plugin 2.75 and earlier does not perform hostname validation when connecting to the configured SMTP server.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1851 | x_refsource_CONFIRM | |
| http://www.openwall.com/lists/oss-security/2020/09/16/3 | mailing-list, x_refsource_MLIST |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Jenkins project | Jenkins Email Extension Plugin |
Version: unspecified < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:01:41.510Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1851", }, { name: "[oss-security] 20200916 Multiple vulnerabilities in Jenkins plugins", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2020/09/16/3", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Jenkins Email Extension Plugin", vendor: "Jenkins project", versions: [ { lessThanOrEqual: "2.75", status: "affected", version: "unspecified", versionType: "custom", }, { status: "unaffected", version: "2.69.1", }, { status: "unaffected", version: "2.68.1", }, ], }, ], descriptions: [ { lang: "en", value: "Jenkins Email Extension Plugin 2.75 and earlier does not perform hostname validation when connecting to the configured SMTP server.", }, ], providerMetadata: { dateUpdated: "2023-10-24T16:07:55.337Z", orgId: "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", shortName: "jenkins", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1851", }, { name: "[oss-security] 20200916 Multiple vulnerabilities in Jenkins plugins", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2020/09/16/3", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "jenkinsci-cert@googlegroups.com", ID: "CVE-2020-2253", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Jenkins Email Extension Plugin", version: { version_data: [ { version_affected: "<=", version_value: "2.75", }, { version_affected: "!", version_value: "2.69.1", }, { version_affected: "!", version_value: "2.68.1", }, ], }, }, ], }, vendor_name: "Jenkins project", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Jenkins Email Extension Plugin 2.75 and earlier does not perform hostname validation when connecting to the configured SMTP server.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-297: Improper Validation of Certificate with Host Mismatch", }, ], }, ], }, references: { reference_data: [ { name: "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1851", refsource: "CONFIRM", url: "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1851", }, { name: "[oss-security] 20200916 Multiple vulnerabilities in Jenkins plugins", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2020/09/16/3", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", assignerShortName: "jenkins", cveId: "CVE-2020-2253", datePublished: "2020-09-16T13:20:39", dateReserved: "2019-12-05T00:00:00", dateUpdated: "2024-08-04T07:01:41.510Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-32980
Vulnerability from cvelistv5
Published
2023-05-16 16:00
Modified
2025-01-23 16:02
Severity ?
EPSS score ?
Summary
A cross-site request forgery (CSRF) vulnerability in Jenkins Email Extension Plugin allows attackers to make another user stop watching an attacker-specified job.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3088%20(2) | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Jenkins Project | Jenkins Email Extension Plugin |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:32:46.517Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "Jenkins Security Advisory 2023-05-16", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3088%20(2)", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2023-32980", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-23T16:02:33.968933Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-352", description: "CWE-352 Cross-Site Request Forgery (CSRF)", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-23T16:02:38.473Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { defaultStatus: "affected", product: "Jenkins Email Extension Plugin", vendor: "Jenkins Project", versions: [ { lessThan: "*", status: "unaffected", version: "2.96.1", versionType: "maven", }, { lessThan: "2.89.0.*", status: "unaffected", version: "2.89.0.2", versionType: "maven", }, ], }, ], descriptions: [ { lang: "en", value: "A cross-site request forgery (CSRF) vulnerability in Jenkins Email Extension Plugin allows attackers to make another user stop watching an attacker-specified job.", }, ], providerMetadata: { dateUpdated: "2023-10-24T12:50:00.269Z", orgId: "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", shortName: "jenkins", }, references: [ { name: "Jenkins Security Advisory 2023-05-16", tags: [ "vendor-advisory", ], url: "https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3088%20(2)", }, ], }, }, cveMetadata: { assignerOrgId: "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", assignerShortName: "jenkins", cveId: "CVE-2023-32980", datePublished: "2023-05-16T16:00:01.256Z", dateReserved: "2023-05-16T10:55:43.518Z", dateUpdated: "2025-01-23T16:02:38.473Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-1003032
Vulnerability from cvelistv5
Published
2019-03-08 21:00
Modified
2024-08-05 03:00
Severity ?
EPSS score ?
Summary
A sandbox bypass vulnerability exists in Jenkins Email Extension Plugin 2.64 and earlier in pom.xml, src/main/java/hudson/plugins/emailext/ExtendedEmailPublisher.java, src/main/java/hudson/plugins/emailext/plugins/content/EmailExtScript.java, src/main/java/hudson/plugins/emailext/plugins/content/ScriptContent.java, src/main/java/hudson/plugins/emailext/plugins/trigger/AbstractScriptTrigger.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM.
References
| ▼ | URL | Tags |
|---|---|---|
| https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1340 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/107476 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Jenkins project | Jenkins Email Extension Plugin |
Version: 2.64 and earlier |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T03:00:19.346Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1340", }, { name: "107476", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/107476", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Jenkins Email Extension Plugin", vendor: "Jenkins project", versions: [ { status: "affected", version: "2.64 and earlier", }, ], }, ], dateAssigned: "2019-03-06T00:00:00", datePublic: "2019-03-08T00:00:00", descriptions: [ { lang: "en", value: "A sandbox bypass vulnerability exists in Jenkins Email Extension Plugin 2.64 and earlier in pom.xml, src/main/java/hudson/plugins/emailext/ExtendedEmailPublisher.java, src/main/java/hudson/plugins/emailext/plugins/content/EmailExtScript.java, src/main/java/hudson/plugins/emailext/plugins/content/ScriptContent.java, src/main/java/hudson/plugins/emailext/plugins/trigger/AbstractScriptTrigger.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM.", }, ], providerMetadata: { dateUpdated: "2023-10-24T16:45:07.733Z", orgId: "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", shortName: "jenkins", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1340", }, { name: "107476", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/107476", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "jenkinsci-cert@googlegroups.com", DATE_ASSIGNED: "2019-03-06T22:44:37.385288", ID: "CVE-2019-1003032", REQUESTER: "ml@beckweb.net", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Jenkins Email Extension Plugin", version: { version_data: [ { version_value: "2.64 and earlier", }, ], }, }, ], }, vendor_name: "Jenkins project", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A sandbox bypass vulnerability exists in Jenkins Email Extension Plugin 2.64 and earlier in pom.xml, src/main/java/hudson/plugins/emailext/ExtendedEmailPublisher.java, src/main/java/hudson/plugins/emailext/plugins/content/EmailExtScript.java, src/main/java/hudson/plugins/emailext/plugins/content/ScriptContent.java, src/main/java/hudson/plugins/emailext/plugins/trigger/AbstractScriptTrigger.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-693", }, ], }, ], }, references: { reference_data: [ { name: "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1340", refsource: "CONFIRM", url: "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1340", }, { name: "107476", refsource: "BID", url: "http://www.securityfocus.com/bid/107476", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", assignerShortName: "jenkins", cveId: "CVE-2019-1003032", datePublished: "2019-03-08T21:00:00", dateReserved: "2019-03-08T00:00:00", dateUpdated: "2024-08-05T03:00:19.346Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-25765
Vulnerability from cvelistv5
Published
2023-02-15 00:00
Modified
2025-03-19 16:20
Severity ?
EPSS score ?
Summary
In Jenkins Email Extension Plugin 2.93 and earlier, templates defined inside a folder were not subject to Script Security protection, allowing attackers able to define email templates in folders to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Jenkins Project | Jenkins Email Extension Plugin |
Version: unspecified < |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T11:32:12.447Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-2939", }, { name: "[oss-security] 20230215 Multiple vulnerabilities in Jenkins plugins", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/02/15/4", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-25765", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-19T16:20:47.805766Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-693", description: "CWE-693 Protection Mechanism Failure", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-19T16:20:52.614Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Jenkins Email Extension Plugin", vendor: "Jenkins Project", versions: [ { lessThanOrEqual: "2.93", status: "affected", version: "unspecified", versionType: "custom", }, { status: "unaffected", version: "2.89.0.1", }, ], }, ], descriptions: [ { lang: "en", value: "In Jenkins Email Extension Plugin 2.93 and earlier, templates defined inside a folder were not subject to Script Security protection, allowing attackers able to define email templates in folders to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.", }, ], providerMetadata: { dateUpdated: "2023-10-24T12:48:58.427Z", orgId: "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", shortName: "jenkins", }, references: [ { url: "https://www.jenkins.io/security/advisory/2023-02-15/#SECURITY-2939", }, { name: "[oss-security] 20230215 Multiple vulnerabilities in Jenkins plugins", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2023/02/15/4", }, ], }, }, cveMetadata: { assignerOrgId: "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", assignerShortName: "jenkins", cveId: "CVE-2023-25765", datePublished: "2023-02-15T00:00:00.000Z", dateReserved: "2023-02-14T00:00:00.000Z", dateUpdated: "2025-03-19T16:20:52.614Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }