jenkins-asr.knowlarity.com
Open in
urlscan Pro
13.126.1.222
Public Scan
Submitted URL: http://jenkins-asr.knowlarity.com/
Effective URL: https://jenkins-asr.knowlarity.com/
Submission: On December 11 via api from US — Scanned from US
Effective URL: https://jenkins-asr.knowlarity.com/
Submission: On December 11 via api from US — Scanned from US
Form analysis
2 forms found in the DOMName: search — GET /search/
<form role="search" method="get" name="search" action="/search/" style="position:relative;" class="no-json">
<div id="search-box-minWidth" style="font-family: Roboto, Helvetica, Arial, sans-serif; font-size: 16px; font-style: normal; font-weight: 700;"></div>
<div id="search-box-sizer" style="font-family: Roboto, Helvetica, Arial, sans-serif; font-size: 16px; font-style: normal; font-weight: 700;"></div>
<div id="searchform" class="yui-ac"><input role="searchbox" name="q" placeholder="search" id="search-box" class="main-search__input has-default-text yui-ac-input defaulted" autocomplete="off" style="width: 300px;"><span
class="main-search__icon-leading"><svg viewBox="0 0 24 24" aria-hidden="" focusable="false" class="svg-icon ">
<use href="/static/4cd3c7ab/images/material-icons/svg-sprite-action-symbol.svg#ic_search_24px"></use>
</svg></span><a href="https://jenkins.io/redirect/search-box" class="main-search__icon-trailing"><svg viewBox="0 0 24 24" aria-hidden="" focusable="false" class="svg-icon "><use href="/static/4cd3c7ab/images/material-icons/svg-sprite-action-symbol.svg#ic_help_outline_24px"></use></svg></a>
<div id="search-box-completion" class="yui-ac-container" style="width: 300px; left: 0px; top: 42px;">
<div class="yui-ac-content" style="display: none; width: 300px;">
<div class="yui-ac-hd" style="display: none;"></div>
<div class="yui-ac-bd">
<ul>
<li style="display: none;"></li>
<li style="display: none;"></li>
<li style="display: none;"></li>
<li style="display: none;"></li>
<li style="display: none;"></li>
<li style="display: none;"></li>
<li style="display: none;"></li>
<li style="display: none;"></li>
<li style="display: none;"></li>
<li style="display: none;"></li>
</ul>
</div>
<div class="yui-ac-ft" style="display: none;"></div>
</div>
</div>
<script>
createSearchBox("/search/");
</script>
</div>
<div><input type="hidden" name="Jenkins-Crumb" value="6a3ae879290f5b9580c6c02e52af385907e1fd569690453b10ceb993e238eaba"></div>
</form>
POST /administrativeMonitor/jenkins.security.UpdateSiteWarningsMonitor/forward
<form method="post" action="/administrativeMonitor/jenkins.security.UpdateSiteWarningsMonitor/forward"><span class="yui-button yui-submit-button submit-button primary" id="yui-gen1" name="fix"><span class="first-child"><button type="button"
tabindex="0" id="yui-gen1-button">Go to plugin manager</button></span></span><span class="yui-button yui-submit-button submit-button primary" id="yui-gen2" name="configure"><span class="first-child"><button type="button" tabindex="0"
id="yui-gen2-button">Configure which of these warnings are shown</button></span></span>
<div><input type="hidden" name="Jenkins-Crumb" value="6a3ae879290f5b9580c6c02e52af385907e1fd569690453b10ceb993e238eaba"></div>
<div><input type="hidden" name="json" value="init"></div>
</form>
Text Content
Skip to content Jenkins * * * * * * * * * * monitors2 New version of Jenkins (2.375.1) is available for download (changelog). Go to plugin managerConfigure which of these warnings are shown Warnings have been published for the following currently installed components.Jenkins 2.222.1 core and librariesMultiple security vulnerabilities in Jenkins 2.318 and earlier, LTS 2.303.2 and earlierDenial of service vulnerability in bundled JettyMultiple security vulnerabilities in Jenkins 2.286 and earlier, LTS 2.277.1 and earlierMultiple security vulnerabilities in Jenkins 2.244 and earlier, LTS 2.235.1 and earlierMultiple security vulnerabilities in Jenkins 2.274 and earlier, LTS 2.263.1 and earlierMultiple security vulnerabilities in Jenkins 2.314 and earlier, LTS 2.303.1 and earlierMultiple security vulnerabilities in Jenkins 2.355 and earlier, LTS 2.332.3 and earlierHTTP/2 denial of service vulnerability in bundled JettyMultiple security vulnerabilities in Jenkins 2.299 and earlier, LTS 2.289.1 and earlierBuffer corruption in bundled JettyMultiple security vulnerabilities in Jenkins 2.251 and earlier, LTS 2.235.3 and earlierCSRF vulnerability in build triggersDoS vulnerability in bundled XStream libraryGitHub plugin 1.29.2Non-constant time webhook signature comparisonToken Macro Plugin 2.5XML External Entity processing vulnerabilityInformation disclosure and DoSPipeline: Input Step 2.8CSRF protection for any URL can be bypassedArbitrary file write vulnerabilityMailer Plugin 1.21CSRF vulnerability and missing permission checksMissing hostname validationScript Security Plugin 1.70Sandbox bypass vulnerabilityWhole-script approval vulnerable to SHA-1 collisionsStored XSS vulnerabilityCSRF vulnerabilitySandbox bypass vulnerabilitySandbox bypass vulnerabilityPipeline: Groovy 2.55Sandbox bypass via default method parameter expressionSensitive information disclosureSandbox bypass vulnerabilityScript Security sandbox bypassVulnerabilities in multiple Pipeline-related plugins allow reading arbitrary files on the controllerSandbox bypass vulnerability through implicitly allowlisted platform Groovy filesScript security sandbox bypassScript Security sandbox bypassOS command execution vulnerabilities in Pipeline-related pluginsScript Security sandbox bypassGit client plugin 2.7.3Missing hostname verificationSystem command execution vulnerabilityMaven Integration plugin 3.1.2Sensitive values in module build logs not maskedCredentials Plugin 2.1.18Reflected XSS vulnerabilityStored XSS vulnerabilityCertificate file read vulnerabilityPipeline: Supporting APIs 2.20Stored XSS vulnerabilityMatrix Authorization Strategy Plugin 2.3Stored XSS vulnerabilityIncorrect permission checks may allow accessing some itemsPipeline: Stage View Plugin 2.10CSRF protection for any URL can be bypassedJUnit Plugin 1.26.1Stored XSS vulnerabilityStored XSS vulnerabilityTimestamper 1.8.10Stored XSS vulnerabilityEmail Extension Plugin 2.63Script security sandbox bypassMissing hostname validationPipeline: Shared Groovy Libraries 2.11Untrusted users can modify some Pipeline librariesSandbox bypass vulnerabilityMissing permission checkVulnerabilities in multiple Pipeline-related plugins allow reading arbitrary files on the controllerSandbox bypass vulnerabilitySandbox bypass vulnerabilitySandbox bypass vulnerabilityOS command execution vulnerabilities in Pipeline-related pluginsCredentials Binding Plugin 1.16Improper masking of some secretsSecrets are not masked in builds without build stepsMissing permission check allows validating secret file credentials IDsGoogle Login Plugin 1.4Open redirect vulnerabilityDocker Commons Plugin 1.13OS command execution vulnerabilityPipeline: Declarative 1.3.2Script Security sandbox bypassPipeline: Build Step 2.7Password parameter default values exposedSubversion Plug-in 2.12.1CSRF vulnerabilityPath traversal vulnerability allows reading arbitrary filesXXE vulnerabilityStored XSS vulnerabilityStored XSS vulnerabilityPipeline: Multibranch 2.20OS command execution vulnerabilities in Pipeline-related pluginsVulnerabilities in multiple Pipeline-related plugins allow reading arbitrary files on the controllerGit plugin 3.9.1Improper masking of credentialsCSRF vulnerabilityStored XSS vulnerabilityMultiple SCM plugins can check out from the controller file systemLack of authentication mechanism in webhookStored XSS vulnerabilityParameterized Trigger plugin 2.35.2Sensitive parameter values captured in build metadata filesMatrix Project Plugin 1.14Stored XSS vulnerability in single axis builds tooltipsStored XSS vulnerabilityStored XSS vulnerability in multiple axis builds tooltipsDate Parameter Plugin 0.0.3Stored XSS vulnerability Manage Jenkins log in * Jenkins * ENABLE AUTO REFRESH New Item People Build History Manage Jenkins Credentials New View Build Queue No builds in the queue. Build Executor Status 1Idle2Idle add description All + S W Name ↓Last Success Last Failure Last Duration WDescription%Build stability: No recent builds failed.100 Transcription and keyword spotting job for a given user_id 4 yr 0 mo - #35 4 yr 0 mo - #251.3 sec Icon: S M L Legend Atom feed for all Atom feed for failures Atom feed for just latest builds Page generated: Dec 11, 2022 6:14:32 PM ISTREST APIJenkins ver. 2.222.1