A cross-site request forgery (CSRF) vulnerability in Jenkins Email Extension Plugin allows attackers to make another user stop watching an attacker-specified job.Read More ...
Continue Reading
May 16, 2023
Jenkins Ansible Plugin 204.v8191fd551eb_f and earlier does not mask extra variables displayed on the configuration form, increasing the potential for attackers to observe and capture them.Read More ...
Continue Reading
May 16, 2023
Jenkins TestNG Results Plugin 730.v4c5283037693 and earlier does not escape several values that are parsed from TestNG report files and displayed on the plugin's test information pages, resulting in a ...
Continue Reading
May 16, 2023
A missing permission check in Jenkins Azure VM Agents Plugin 852.v8d35f0960a_43 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. ...
Continue Reading
May 16, 2023
A cross-site request forgery (CSRF) vulnerability in Jenkins Reverse Proxy Auth Plugin 1.7.4 and earlier allows attackers to connect to an attacker-specified LDAP server using attacker-specified crede ...
Continue Reading
May 16, 2023
Jenkins File Parameter Plugin 285.v757c5b_67a_c25 and earlier does not restrict the name (and resulting uploaded file name) of Stashed File Parameters, allowing attackers with Item/Configure permissio ...
Continue Reading
May 16, 2023
A cross-site request forgery (CSRF) vulnerability in Jenkins Azure VM Agents Plugin 852.v8d35f0960a_43 and earlier allows attackers to connect to an attacker-specified Azure Cloud server using attacke ...
Continue Reading
May 16, 2023
A cross-site request forgery (CSRF) vulnerability in Jenkins WSO2 Oauth Plugin 1.0 and earlier allows attackers to trick users into logging in to the attacker's account.Read More ...
Continue Reading
May 16, 2023
Back to Main
