CVE-2024-39460
- EPSS 0.21%
- Published 26.06.2024 17:15:27
- Last modified 10.10.2025 15:29:17
Jenkins Bitbucket Branch Source Plugin 886.v44cf5e4ecec5 and earlier prints the Bitbucket OAuth access token as part of the Bitbucket URL in the build log in some cases.
CVE-2024-28152
- EPSS 0.03%
- Published 06.03.2024 17:15:10
- Last modified 18.09.2025 16:27:55
In Jenkins Bitbucket Branch Source Plugin 866.vdea_7dcd3008e and earlier, except 848.850.v6a_a_2a_234a_c81, when discovering pull requests from forks, the trust policy "Forks in the same account" allows changes to Jenkinsfiles from users without writ...
CVE-2022-20619
- EPSS 0.4%
- Published 12.01.2022 20:15:09
- Last modified 21.11.2024 06:43:10
A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket Branch Source Plugin 737.vdf9dc06105be and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another metho...
CVE-2022-20618
- EPSS 0.58%
- Published 12.01.2022 20:15:08
- Last modified 21.11.2024 06:43:10
A missing permission check in Jenkins Bitbucket Branch Source Plugin 737.vdf9dc06105be and earlier allows attackers with Overall/Read access to enumerate credentials IDs of credentials stored in Jenkins.