Jenkins can expose a TCP port that allows inbound agents to connect to it. It can be enabled, disabled, and configured in Manage Jenkins » Security. The two ...
Aug 16, 2023 · Descriptions. CSRF vulnerability in Folders Plugin may approve unsandboxed scripts. SECURITY-3106 / CVE-2023-40336. Severity (CVSS): High
CSRF Protection · Rendering User Content · Access ... Access to URLs provided by the security ... While the vast majority of URLs in Jenkins are by default ...
Sep 6, 2023 · Description: Job Configuration History Plugin 1227.v7a_79fc4dc01f and earlier does not restrict a name query parameter when rendering a history ...
... CSRF token (crumb) since Jenkins 2.96. To disable ... Learn more: https://jenkins.io/redirect/stapler-facet-restrictions ... jenkins.security.stapler.
https://jenkins.io. Description: Allows tweaking ... Restore the ability to disable CSRF protection after the UI for doing so was removed from Jenkins 2.222.
May 17, 2022 · This is intended to be used to allow Global Shared Libraries to execute without sandbox protection. In Pipeline: Groovy Plugin 2689.
Security advisories are the primary way to publicly inform Jenkins users about security issues in Jenkins and Jenkins plugins. You can find all past security ...
Jun 14, 2023 · CSRF protection bypass vulnerability · SSL/TLS certificate validation disabled by default in Checkmarx Plugin · Missing permission checks in Team ...
Wherever possible, do not use it to allow bypassing CSRF protection. Since Jenkins 2.96, requests using Basic authentication providing an API token do not need ...