Jenkins project - CVE CyberSecurity Database News (Page 10)

CVE-2023-39156 - How A CSRF Vulnerability in Jenkins Bazaar Plugin Let Attackers Delete SCM Tags

Jul 26, 2023 CSRF Exploit Jenkins project Jenkins Bazaar Plugin

CVE-2023-39156 - How A CSRF Vulnerability in Jenkins Bazaar Plugin Let Attackers Delete SCM Tags

In June 2023, a cross-site request forgery (CSRF) vulnerability, tracked as CVE-2023-39156, was discovered in the Jenkins Bazaar Plugin. This bug, present in version 1.

CVE-2023-39154 - Exploiting Improper Permission Checks in Jenkins Qualys Web App Scanning Connector Plugin

Jul 26, 2023 API Jenkins project Jenkins Qualys Web App Scanning Connector Plugin

CVE-2023-39154 - Exploiting Improper Permission Checks in Jenkins Qualys Web App Scanning Connector Plugin

Jenkins is a widely-used automation server in the DevOps world, helping developers deploy code and automate tasks. But sometimes, plugins meant to make life easy

CVE-2023-39155 - Jenkins Chef Identity Plugin Exposes Sensitive user.pem Key – Exploit and Analysis

Jul 26, 2023 Jenkins project Jenkins Chef Identity Plugin

CVE-2023-39155 - Jenkins Chef Identity Plugin Exposes Sensitive user.pem Key – Exploit and Analysis

In late 2023, a security vulnerability was reported in the Jenkins Chef Identity Plugin, tracked as CVE-2023-39155. This flaw is critical for Jenkins users who

CVE-2023-39152 - Jenkins Gradle Plugin’s Masking Bug That Can Leak Credentials

Jul 26, 2023 API Exploit Java Jenkins project Jenkins Gradle Plugin

CVE-2023-39152 - Jenkins Gradle Plugin’s Masking Bug That Can Leak Credentials

In mid-2023, a security vulnerability surfaced in the widely-used Jenkins Gradle Plugin (version 2.8 and below). This flaw, tracked as CVE-2023-39152, involves improper control

Apr 12, 2023 Exploit Jenkins project Jenkins Fogbugz Plugin

CVE-2023-30522 - Exploiting the permission flaw in Jenkins Fogbugz Plugin — Analysis, Example, and Exploit Details

_CVE-2023-30522_ is a critical vulnerability discovered in the Jenkins FogBugz Plugin version 2.2.17 and earlier. This vulnerability enables attackers with as little as