Jul 12, 2023 · mabl Plugin 0.0.47 defines the appropriate context for credentials lookup. CSRF vulnerability and missing permission checks in mabl Plugin allow ...

Mar 8, 2023 · Search K. Jenkins Security Home ... Custom update site URLs (i.e., not https://updates.jenkins.io ... Additionally, the Jenkins security team has ...

May 16, 2023 · The Jenkins security team is not aware of any plugins that allow the exploitation of this vulnerability, as the build name must be set before ...

Aug 16, 2023 · Blue Ocean Plugin 1.27.5.1 uses the configured SCM URL, instead of a user-specified URL provided as a parameter to the HTTP endpoint. CSRF ...

Jul 26, 2023 · As of the publication of this advisory, the Jenkins security team is not aware of other plugins with a similar issue. CSRF vulnerability in ...

Apr 12, 2023 · Jenkins Security Team. About · Contributions ... Lucene-Search Plugin ... Quay.io trigger Plugin 0.1 and earlier does not limit URL schemes for ...

Dec 13, 2023 · Scriptler Plugin 342.v6a_89fd40f466 and earlier does not restrict a file name query parameter in an HTTP endpoint. This allows attackers with ...

... Jenkins security team. ... If a cookie is Secure on https://ci.jenkins.io, then it's a matter of configuration. ... URLs starting with https://issues.jenkinsio/ ...

Nov 29, 2023 · Jira Plugin 3.12 defines the appropriate context for credentials lookup. Incorrect permission checks in Google Compute Engine Plugin. SECURITY- ...

Search K. Jenkins Security Home. For Administrators ... These are some contributions by members of the Jenkins security team ... Resource Root URL: Support serving ...