This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...
Continue ReadingJanuary 27, 2023
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...
Continue ReadingJanuary 27, 2023
Jenkins Bitbucket OAuth Plugin 0.12 and earlier does not invalidate the previous session on login.Read More ...
Continue ReadingJanuary 27, 2023
A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket OAuth Plugin 0.12 and earlier allows attackers to trick users into logging in to the attacker's account.Read More ...
Continue ReadingJanuary 27, 2023
A missing permission check in Jenkins RabbitMQ Consumer Plugin 2.8 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified AMQP(S) URL using attacker-specified us ...
Continue ReadingJanuary 27, 2023
Jenkins TestQuality Updater Plugin 1.3 and earlier stores the TestQuality Updater password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with a ...
Continue ReadingJanuary 27, 2023
Jenkins OpenId Connect Authentication Plugin 2.4 and earlier does not invalidate the previous session on login.Read More ...
Continue ReadingJanuary 27, 2023
A sandbox bypass vulnerability involving map constructors in Jenkins Script Security Plugin 1228.vd93135a_2fb_25 and earlier allows attackers with permission to define and run sandboxed scripts, inclu ...
Continue ReadingJanuary 27, 2023
Back to Main