Log

CVE-2018-19931 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not restricted.
References
+ https://sourceware.org/bugzilla/show_bug.cgi?id=23942
+ https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5f60af5d24d181371d67534fa273dd221df20c07
Notes
CVE-2018-19932 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Denial of service
Description
+ An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is an integer overflow and infinite loop caused by the IS_CONTAINED_BY_LMA macro in elf.c.
References
+ https://sourceware.org/bugzilla/show_bug.cgi?id=23932
+ https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=beab453223769279cc1cef68a1622ab8978641f7
Notes
CVE-2018-1999001 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Access restriction bypass
Description
+ Unauthenticated users could provide maliciously crafted login credentials that cause Jenkins before 2.133 to move the config.xml file from the Jenkins home directory. This configuration file contains basic configuration of Jenkins, including the selected security realm and authorization strategy. If Jenkins is started without this file present, it will revert to the legacy defaults of granting administrator access to anonymous users. This issue was caused by the fix for SECURITY-499 in the 2017-11-08 security advisory.
References
+ https://jenkins.io/security/advisory/2018-07-18/
Notes
CVE-2018-1999002 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Arbitrary filesystem access
Description
+ An arbitrary file read vulnerability in the Stapler web framework used by Jenkins before 2.133 allowed unauthenticated users to send crafted HTTP requests returning the contents of any file on the Jenkins master file system that the Jenkins master process has access to.
References
+ https://jenkins.io/security/advisory/2018-07-18/
Notes
CVE-2018-1999003 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Access restriction bypass
Description
+ The URLs handling cancellation of queued builds in Jenkins before 2.133 did not perform a permission check, allowing users with Overall/Read permission to cancel queued builds.
References
+ https://jenkins.io/security/advisory/2018-07-18/
Notes
CVE-2018-1999004 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Access restriction bypass
Description
+ The URL that initiates agent launches on the Jenkins master before 2.133 did not perform a permission check, allowing users with Overall/Read permission to initiate agent launches.
+ Doing so canceled all ongoing launches for the specified agent, so this allowed attackers to prevent an agent from launching indefinitely.
References
+ https://jenkins.io/security/advisory/2018-07-18/
Notes
CVE-2018-1999005 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Cross-site scripting
Description
+ The build timeline widget shown on URLs like /view/…/builds in Jenkins before 2.133 did not properly escape display names of items. This resulted in a cross-site scripting vulnerability exploitable by users able to control item display names
References
+ https://jenkins.io/security/advisory/2018-07-18/
Notes
CVE-2018-1999006 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Information disclosure
Description
+ Files indicating when a plugin JPI file was last extracted into a subdirectory of plugins/ in the Jenkins home directory were accessible via HTTP by users with Overall/Read permission before Jenkins 2.133. This allowed unauthorized users to determine the likely install date of a given plugin.
References
+ https://jenkins.io/security/advisory/2018-07-18/
Notes
CVE-2018-1999007 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Cross-site scripting
Description
+ Stapler is the web framework used by Jenkins to route HTTP requests. When its debug mode is enabled, HTTP 404 error pages display diagnostic information. Those error pages did not escape parts of URLs they displayed before Jenkins 2.133, in rare cases resulting in a cross-site scripting vulnerability.
References
+ https://jenkins.io/security/advisory/2018-07-18/
Notes
CVE-2018-1999023 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ "The Battle for Wesnoth", which allows arbitrary code execution by exploiting a vulnerability within the Lua scripting language engine which allows escaping existing sandbox measures in place and executing untrusted bytecode
References
+ http://www.openwall.com/lists/oss-security/2018/07/20/1
+ https://github.com/wesnoth/wesnoth/commit/d911268a783467842d38eae7ac1630f1fea41318
Notes