CVE-2022-38666 - Critical SSL/TLS Validation Flaw in Jenkins NS-ND Integration Performance Publisher Plugin
In September 2022, a dangerous vulnerability was disclosed in the Jenkins NS-ND Integration Performance Publisher Plugin, tracked as CVE-2022-38666. Jenkins is one of the most
CVE-2022-45400 - XXE Vulnerability in Jenkins JAPEX Plugin 1.7 and Earlier – Exploiting Misconfigured XML Parsers
Published: June 2024
Introduction
A critical security vulnerability, CVE-2022-45400, has been discovered in the Jenkins JAPEX Plugin version 1.7 and earlier. This issue happens
CVE-2022-45384 - How Attackers Can Steal Your Jenkins LDAP Password (and What You Can Do About It)
The world of software development thrives on automation. Jenkins, a popular automation server, is the backbone for many continuous integration and deployment pipelines. But what
CVE-2022-45379 - Exploiting Jenkins Script Security Plugin’s SHA-1 Script Approval Weakness
Jenkins is a widely used automation server for building, deploying, and automating software projects. Historically, its security model has been improved over multiple updates due
CVE-2022-45396 - Exploiting Jenkins SourceMonitor Plugin’s XXE Vulnerability (with PoC)
Jenkins is one of the most popular automation tools for CI/CD, used by thousands of organizations worldwide. However, plugin vulnerabilities can easily undermine your
Episode
00:00:00
00:00:00