Jenkins can expose a TCP port that allows inbound agents to connect to it. It can be enabled, disabled, and configured in Manage Jenkins » Security. The two ...
Aug 16, 2023 · Descriptions. CSRF vulnerability in Folders Plugin may approve unsandboxed scripts. SECURITY-3106 / CVE-2023-40336. Severity (CVSS): High
Missing: book/ | Show results with:book/
CSRF Protection · Rendering User Content · Access ... Access to URLs provided by the security ... While the vast majority of URLs in Jenkins are by default ...
... CSRF token (crumb) since Jenkins 2.96. To disable ... Learn more: https://jenkins.io/redirect/stapler-facet-restrictions ... jenkins.security.stapler.
Missing: book/ | Show results with:book/
https://jenkins.io. Description: Allows tweaking ... Restore the ability to disable CSRF protection after the UI for doing so was removed from Jenkins 2.222.
Sep 6, 2023 · Description: Job Configuration History Plugin 1227.v7a_79fc4dc01f and earlier does not restrict a name query parameter when rendering a history ...
Missing: book/ | Show results with:book/
May 17, 2022 · This is intended to be used to allow Global Shared Libraries to execute without sandbox protection. In Pipeline: Groovy Plugin 2689.
Missing: book/ | Show results with:book/
Security advisories are the primary way to publicly inform Jenkins users about security issues in Jenkins and Jenkins plugins. You can find all past security ...
Missing: book/ protection/
Wherever possible, do not use it to allow bypassing CSRF protection. Since Jenkins 2.96, requests using Basic authentication providing an API token do not need ...
Jun 14, 2023 · CSRF protection bypass vulnerability · SSL/TLS certificate validation disabled by default in Checkmarx Plugin · Missing permission checks in Team ...
Missing: book/ | Show results with:book/