Mar 6, 2024 · Subversion Partial Release Manager Plugin · Trilead API Plugin. Descriptions. Terrapin SSH vulnerability in Trilead API Plugin. SECURITY-3333 / CVE-2023-48795

Oct 25, 2023 · GitHub Plugin 1.37.3.1 escapes GitHub project URL on the build page when showing changes. Exposure of system-scoped credentials in Warnings Plugin. SECURITY- ...

Jun 14, 2023 · 3.1 defines the appropriate context for credentials lookup. Stored XSS vulnerability in Maven Repository Server Plugin. SECURITY-3156 / CVE-2023-35143. Severity ...

Sep 6, 2023 · This allows attackers with Item/Configure permission to have Jenkins parse a crafted XML document that uses external entities for extraction of secrets from the ...

Feb 28, 2024 · On the Manage Jenkins page, under the Security section, select Configure Global Security. Under Security Realm, select Jenkins' own user database from the ...

Aug 16, 2023 · Blue Ocean Plugin 1.27.5.1 uses the configured SCM URL, instead of a user-specified URL provided as a parameter to the HTTP endpoint. CSRF vulnerability and ...

Dec 13, 2023 · This allows attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML. Additionally, the plugin ...

May 4, 2024 · The Role Strategy plugin is meant to be used from Jenkins to add a new role-based mechanism to manage users' permissions. Supported features.

Nov 29, 2023 · Jira Plugin 3.12 defines the appropriate context for credentials lookup. Incorrect permission checks in Google Compute Engine Plugin. SECURITY-2835 / CVE-2023- ...

Feb 14, 2024 · ... Manage Jenkins → Configure Global Security and specify a SINGLE user by its username. This feature DOES NOT synchronize users in the Active Directory ...