Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.7
CVE-2023-24428
- EPSS 0.14%
- Published 26.01.2023 21:18:17
- Last modified 02.04.2025 15:15:55
A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket OAuth Plugin 0.12 and earlier allows attackers to trick users into logging in to the attacker's account.
9.8
CVE-2023-24427
- EPSS 0.22%
- Published 26.01.2023 21:18:16
- Last modified 02.04.2025 15:15:55
Jenkins Bitbucket OAuth Plugin 0.12 and earlier does not invalidate the previous session on login.
7.8
CVE-2019-10460
- EPSS 0.01%
- Published 23.10.2019 13:15:10
- Last modified 21.11.2024 04:19:11
Jenkins Bitbucket OAuth Plugin 0.9 and earlier stored credentials unencrypted in the global config.xml configuration file on the Jenkins master where they could be viewed by users with access to the master file system.
1