Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to send an HTTP POST request with ...
Continue Reading
May 17, 2023
Jenkins Code Dx Plugin 3.1.0 and earlier stores Code Dx server API keys unencrypted in job `config.xml` files on the Jenkins controller as part of its configuration. These API keys can be viewed by us ...
Continue Reading
May 17, 2023
Jenkins Code Dx Plugin 3.1.0 and earlier stores Code Dx server API keys unencrypted in job `config.xml` files on the Jenkins controller as part of its configuration. These API keys can be viewed by us ...
Continue Reading
May 17, 2023
Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to send an HTTP POST request with ...
Continue Reading
May 17, 2023
Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to send an HTTP POST request with ...
Continue Reading
May 17, 2023
Jenkins Code Dx Plugin 3.1.0 and earlier stores Code Dx server API keys unencrypted in job `config.xml` files on the Jenkins controller as part of its configuration. These API keys can be viewed by us ...
Continue Reading
May 17, 2023
Jenkins Code Dx Plugin 3.1.0 and earlier stores Code Dx server API keys unencrypted in job `config.xml` files on the Jenkins controller as part of its configuration. These API keys can be viewed by us ...
Continue Reading
May 17, 2023
Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier does not perform a permission check in an HTTP endpoint. This allows attackers with Overall/Read permission to send an HTTP POST request with ...
Continue Reading
May 17, 2023
Back to Main
